v1.9.0

Add Docker hub in release images registry CI
Search gists on user profile with title, visibility, language & topics (#422 )
2025-02-02 20:48:40 +01:00 · 2025-02-02 20:11:58 +01:00 · 2025-02-02 18:14:03 +01:00 · 2025-01-30 10:46:35 +01:00 · 2025-01-29 16:00:58 +01:00 · 2025-01-27 00:57:46 +01:00
233 changed files with 22053 additions and 9151 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +1,4 @@
 templates/**/* linguist-vendored
 public/**/*.css linguist-vendored
 public/**/*.scss linguist-vendored
 *.config.js linguist-vendored
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1 @@
 github: thomiceli
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -0,0 +1,47 @@
 name: Build / Deploy docs
 on:
  push:
    tags:
      - 'v*'
  workflow_dispatch:
 jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
      - name: Install JS dependencies
        run: |
          npm install vitepress@1.3.4 tailwindcss@3.4.10
      - name: Build docs
        run: |
          cd docs
          npx tailwindcss -i .vitepress/theme/style.css -o .vitepress/theme/theme.css -c .vitepress/tailwind.config.js
          npm run docs:build
      - name: Deploy to server
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.SERVER_HOST }}
          username: ${{ secrets.SERVER_USERNAME }}
          key: ${{ secrets.SERVER_SSH_KEY }}
          source: "docs/.vitepress/dist/*"
          target: ${{ secrets.SERVER_PATH }}
      - name: Update remote docs
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.SERVER_HOST }}
          username: ${{ secrets.SERVER_USERNAME }}
          key: ${{ secrets.SERVER_SSH_KEY }}
          script: |
            ${{ secrets.UPDATE_DOCS }}
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -1,93 +1,138 @@
-name: "Go"
+name: "Go CI"
 on:
  push:
    branches:
      - master
      - 'dev-*'
  workflow_dispatch:
  pull_request:
    paths-ignore:
      - '**.yml'
      - '**.md'
 jobs:
-  checks:
+  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Go 1.23
        uses: actions/setup-go@v4
        with:
          go-version: "1.23"
      - name: Lint
        uses: golangci/golangci-lint-action@v6
        with:
          version: v1.60
          args: --out-format=colored-line-number --timeout=20m
      - name: Format
        run: make fmt check_changes
  check:
    name: Check
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Go 1.23
        uses: actions/setup-go@v4
        with:
          go-version: "1.23"
      - name: Check Go modules
        run: make go_mod check_changes
      - name: Check translations
        run: make check-tr
  test-db:
    name: Test
    strategy:
      fail-fast: false
      matrix:
-        os: ["ubuntu-latest", "macOS-latest"]
+        os: ["ubuntu-latest"]
-        go: ["1.19", "1.20"]
+        go: ["1.23"]
        database: [postgres, mysql]
        include:
          - database: postgres
            image: postgres:16
            port: 5432:5432
          - database: mysql
            image: mysql:8
            port: 3306:3306
    runs-on: ${{ matrix.os }}
    services:
      database:
        image: ${{ matrix.image }}
        ports:
          - ${{ matrix.port }}
        env:
          POSTGRES_PASSWORD: opengist
          POSTGRES_DB: opengist_test
          MYSQL_ROOT_PASSWORD: opengist
          MYSQL_DATABASE: opengist_test
        options: >-
          --health-cmd ${{ matrix.database == 'postgres' && 'pg_isready' || '"mysqladmin ping"' }}
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go }}
        uses: actions/setup-go@v4
        with:
          go-version: ${{ matrix.go }}
      - name: Run tests
        run: make test TEST_DB_TYPE=${{ matrix.database }}
  test:
    name: Test
    strategy:
      fail-fast: false
      matrix:
        os: ["ubuntu-latest", "macOS-latest", "windows-latest"]
        go: ["1.23"]
        database: ["sqlite"]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Go ${{ matrix.go }}
-        uses: WillAbides/setup-go-faster@v1.8.0
+        uses: actions/setup-go@v4
        with:
          go-version: ${{ matrix.go }}
-      - name: Cache Go modules
+      - name: Run tests
-        uses: actions/cache@v3
+        run: make test TEST_DB_TYPE=${{ matrix.database }}
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
-      - name: Cache Go build cache
+  build:
-        uses: actions/cache@v3
+    name: Build
-        with:
+    strategy:
-          path: ~/.cache/go-build
+      fail-fast: false
-          key: ${{ runner.os }}-go-build-${{ matrix.go }}
+      matrix:
-          restore-keys: |
+        os: ["ubuntu-latest", "macOS-latest", "windows-latest"]
-            ${{ runner.os }}-go-build-
+        go: ["1.23"]
-
+    runs-on: ${{ matrix.os }}
      - name: Run go vet
        run: "go vet ./..."
      - name: Run Staticcheck
        uses: dominikh/staticcheck-action@v1.3.0
        with:
          version: "2023.1.1"
          install-go: false
          cache-key: ${{ matrix.go }}
  docker-build-latest:
    if: ${{ github.event_name == 'push' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
    needs:
      - checks
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout
        uses: actions/checkout@v3
-      - name: Docker meta
+      - name: Set up Go 1.23
-        id: meta
+        uses: actions/setup-go@v4
        uses: docker/metadata-action@v4
        with:
-          images: |
+          go-version: ${{ matrix.go }}
            ghcr.io/thomiceli/opengist
          tags: |
            type=raw,value=dev,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
-      - name: Set up QEMU
+      - name: Build
-        uses: docker/setup-qemu-action@v2
+        shell: bash
-
+        run: make
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,11 +1,36 @@
-name: Docker
+name: Release
 on:
  release:
    types: [published]
  workflow_dispatch:
 jobs:
  binaries-build-release:
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Go 1.23
        uses: actions/setup-go@v4
        with:
          go-version: "1.23"
      - name: Cross compile build
        run: make all_crosscompile
      - name: Upload Release Assets
        uses: softprops/action-gh-release@v1
        with:
          files: |
            build/*.tar.gz 
            build/*.zip 
            build/checksums.txt
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  docker-build-release:
    runs-on: ubuntu-latest
    permissions:
@@ -21,6 +46,7 @@ jobs:
        with:
          images: |
            ghcr.io/thomiceli/opengist
            docker.io/thomiceli/opengist
          tags: |
            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
            type=semver,pattern={{major}}
@@ -40,6 +66,12 @@ jobs:
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v4
        with:
@@ -49,4 +81,4 @@ jobs:
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          cache-to: type=gha,mode=max
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,6 @@ gist.db
 public/assets/*
 public/manifest.json
 opengist
 build/
 docs/.vitepress/dist/
 docs/.vitepress/cache/
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,340 @@
 # Changelog
 ## [1.9.0](https://github.com/thomiceli/opengist/compare/v1.8.4...v1.9.0) - 2025-02-02
 See here how to [update](https://opengist.io/docs/update) Opengist.
 ### Added
 - Topics (tags) for Gists (#413)
 - Gist languages saved in database (#422)
 - Search gists on user profile with title, visibility, language & topics (#422)
 - Jdenticon for default avatars (#416)
 - Git push option for description (#412)
 - MIME type support for raw file serving (#417)
 ### Fixed
 - Skip CSRF for embed gists (#402)
 - Remove CSRF check for Git HTTP packs (#408)
 - Replace path.Join with filepath.Join for file system paths (#414)
 - Empty password error when trying to change the username (#418)
 - Save content form on gist create error (#420)
 ### Other
 - Refactor server code (#407)
 - Remove memdb for gist init (#421)
 - Added Opengist Docker images to Docker Hub
 ## [1.8.4](https://github.com/thomiceli/opengist/compare/v1.8.3...v1.8.4) - 2024-12-15
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - More translation strings (#398)
 - Custom instance names (#399)
 ### Fixed
 - Prevent passwords managers autofill on filename inputs (#357)
 ## [1.8.3](https://github.com/thomiceli/opengist/compare/v1.8.2...v1.8.3) - 2024-11-26
 See here how to [update](/docs/update.md) Opengist.
 ### Changed
 - Throw `warn` instead of `fatal` on Git global config init failure (#392)
 - Define esbuild as a Javascript dependency for all other platforms (#393)
 ## [1.8.2](https://github.com/thomiceli/opengist/compare/v1.8.1...v1.8.2) - 2024-11-25
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - More translation strings (#373) (#388)
 ### Changed
 - Enforce git config on startup (#383)
 - Respect file scheme URIs for SQLite. (#387)
 ### Fixed
 - Convert octal notation file names in Git (#380)
 - Git clone on SSH with MySQL (#382)
 - Escaping for embed gists (#381)
 ### Other
 - Update deps Golang & JS deps
 ## [1.8.1](https://github.com/thomiceli/opengist/compare/v1.8.0...v1.8.1) - 2024-11-02
 See here how to [update](/docs/update.md) Opengist.
 ### Changed
 - Hide passkey login when login form is disabled (#369)
 ### Fixed
 - Markdown preview (#368)
 - confirm() popup messages (#370)
 ## [1.8.0](https://github.com/thomiceli/opengist/compare/v1.7.5...v1.8.0) - 2024-10-31
 See here how to [update](https://opengist.io/docs/update) Opengist.
 ### 🔴 Deprecations 
 _Removed in the next SemVer MAJOR version of Opengist._
 * Use the configuration option `db-uri`/`OG_DB_URI` **instead of** `db-filename`/`OG_DB_FILENAME`.\
  More info [here](https://opengist.io/docs/configuration/databases/sqlite) if you plan to keep SQLite as a DBMS for Opengist.
 ### Added
 - Postgres and MySQL databases support (#335)
 - Passkeys & TOTP support + MFA (#341) (#342)
 - Add/Remove admins (#337)
 - Queriable shorter uuids (#338)
 - Use Docker secrets (#340)
 - SVG preview in Markdown (#346)
 - Secret key definition & move the secret key file to its parent directory (#358)
 - More translation strings (#339)
 ### Changed
 - Separate OAuth unlink URL (#336)
 ### Fixed
 - Adding multiple empty lines in editor. (#345)
 - Config URL (#343)
 - Send Markdown preview data as form params (#347)
 - Fix oauth endpoint to support detecting https in 'Forwarded' header, enabling google support (#359)
 - Use mail handle if OAuth nickname is empty (#362)
 ### Other
 - Use go 1.23 and update deps (#354)
 - Typos in README (#363)
 ## [1.7.5](https://github.com/thomiceli/opengist/compare/v1.7.4...v1.7.5) - 2024-09-12
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - New website for documentation using Vitepress [https://opengist.io](https://opengist.io) (#326)
 - Ukrainian localization (#325)
 - Dummy /metrics endpoint (#327)
 ## [1.7.4](https://github.com/thomiceli/opengist/compare/v1.7.3...v1.7.4) - 2024-09-09
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - More translations strings (#294) (#304)
 - Hide change password form when login via password disabled (#314)
 - File delete button on create editor (#320)
 - Assets cache header 
 - Hide secret values in admin config page
 - Atomic pointer for indexer (#321)
 ### Fixed
 - Fatal error using `cases.Title()` (#313)
 - Search unlisted gist (#319)
 ### Other
 - Removed logger `trace` and `fatal` levels (#322)
 ## [1.7.3](https://github.com/thomiceli/opengist/compare/v1.7.2...v1.7.3) - 2024-06-03
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - Setting to allow anonymous access to individual gists while still RequireLogin everywhere else (#229)
 - Make edit visibility a toggle (#277)
 - More translation strings (#274) (#281)
 - String method to visibility (#276)
 ### Fixed
 - Perms for http/ssh clone (#288)
 - Fix translation string (#293)
 ### Other
 - Update deps Golang & JS deps
 - Check translations keys in CI (#279)
 - Fix CI check for additional translations only (#289)
 ## [1.7.2](https://github.com/thomiceli/opengist/compare/v1.7.1...v1.7.2) - 2024-05-05
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - Docs: 
  - Run with systemd as a normal user (#254)
  - Kubernetes deployment (#258)
 - More translation strings (#269) (#271)
 ### Changed
 - Rework git log parsing and truncating (#260)
 - Set Opengist version from git tags (#261)
 ### Fixed
 - Missing preview button when editing .md gist (#259)
 - Frontend (#267)
  - Fix mermaid display 
  - Move Login/Register buttons on mobile 
  - Set minimum width on avatar
 ### Other
 - Use go 1.22 and update deps (#244)
 ## [1.7.1](https://github.com/thomiceli/opengist/compare/v1.7.0...v1.7.1) - 2024-04-05
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - Docs: More detailed variant for custom pages (#248)
 ### Fixed
 - Auth page GitlabName Error (#242)
 - Empty invitation on user creation (#247)
 ## [1.7.0](https://github.com/thomiceli/opengist/compare/v1.6.1...v1.7.0) - 2024-04-03
 See here how to [update](/docs/update.md) Opengist.
 Note: all sessions will be invalidated after this update.
 ### Added
 - Custom logo configuration (#209)
 - Custom static links (#234)
 - Invitations for closed registrations (#233)
 - Set gist visibility via Git push options (#215)
 - Set gist URL and title via push options (#216)
 - Specify custom names in the OAuth login buttons (#214)
 - Markdown preview (#224)
 - Reset a user password using CLI (#226)
 - Translations (#207, #210)
 ### Changed
 - Use filesystem session store (#240)
 - Move Git hook logic to Opengist (#213)
 - Increase login for 1 year (#222)
 ### Fixed
 - Show theme change button on responsive devices (#225)
 - New line literal in embed gists (#237)
 ### Other
 - GitHub security updates
 - New docker dev env (#220)
 ## [1.6.1](https://github.com/thomiceli/opengist/compare/v1.6.0...v1.6.1) - 2024-01-06
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - Healthcheck on Docker container (#204)
 - Translations:
  - fr-FR (#201)
 ### Fixed
 - Directory renaming on username change (#205)
 ## [1.6.0](https://github.com/thomiceli/opengist/compare/v1.5.3...v1.6.0) - 2024-01-04
 See here how to [update](/docs/update.md) Opengist.
 ### Added
 - Embedded gists (#179)
 - Gist code search (#194)
 - Custom URLS for gists (#183)
 - Gist JSON data/metadata (#179)
 - Keep default visibility when creating a gist on the UI (#155)
 - Health check endpoint (#170)
 - GitLab OAuth2 login (#174)
 - Syntax highlighting for more file types (#176) 
 - Checkable Markdown checkboxes (#182)
 - Config:
  - Log output (#172) 
  - Default git branch name (#171)
 - Change username setting (#190)
 - Admin actions:
  - Synchronize all gists previews (#191)
  - Reset Git server hooks for all repositories (#191)
  - Index all gists (#194)
 - Translations:
  - cs-CZ (#164)
  - zh-TW (#166, #195)
  - hu-HU (#185)
  - pt-BR (#193)
 - Docs (#198)
 ### Changed
 - Updated dependencies (#197):
  - Go `1.20` -> `1.21` 
  - JavaScript packages
  - NodeJS Docker image `18` -> `20`
  - Alpine Docker image `3.17` -> `3.19`
 ### Fixed
 - Fix reverse proxy subpath support (#192)
 - Fix undecoded gist content when going back to editing in the UI (#184)
 - Fix outputting non-truncated large files for editon/zip download (#184)
 - Allow dashes in usernames (#184)
 - Delete SSH keys associated to deleted user (#184)
 - Better error message when there is no files in gist (#184)
 - Show if there is no files in gist preview (#184)
 - Log parsing for the 11th empty commit (#184)
 - Optimize reading gist files content (#186)
 ## [1.5.3](https://github.com/thomiceli/opengist/compare/v1.5.2...v1.5.3) - 2023-11-20
 ### Added
 - es-ES translation (#139)
 - Create/change account password (#156)
 - Display OAuth error messages when HTTP 400 (#159)
 ### Fixed
 - Git bare repository branch name creation (#157)
 - Git file truncated output hanging (#157) 
 - Home user directory detection handling (#145)
 - UI changes (#158)
 ## [1.5.2](https://github.com/thomiceli/opengist/compare/v1.5.1...v1.5.2) - 2023-10-16
 ### Added
 - zh-CN translation (#130)
 - ru-RU translation (#135)
 - config.yml usage in the Docker container (#131)
 - Longer title and description (#129)
 ### Fixed
 - Private gist visibility (#128)
 - Dark background color in Markdown rendering (#137)
 - Error handling for password hashes (#132)
 ## [1.5.1](https://github.com/thomiceli/opengist/compare/v1.5.0...v1.5.1) - 2023-09-29
 ### Added
 - Hungarian translations (#123)
 ### Fixed
 - .c and .h syntax highlighting (#119)
 - Login page disabled depending on locale (#120)
 - Syntax error on templates when calling locale function (#122)
 ## [1.5.0](https://github.com/thomiceli/opengist/compare/v1.4.2...v1.5.0) - 2023-09-26
 ### Added
 - Private Gist visibility (#87)
 - Create gists from a special Git HTTP server remote URL (#95)
 - OIDC provider integration (#98)
 - Translation system (#104)
 - Run `git gc` on all repositories as admin (#90)
 - Unit and integration tests (#97)
 - Documentation (#110, #111)
 - New logo (#103)
 ### Changed
 - Use Non-CGO SQLite instead of CGO SQLite (#100)
 - Various UI changes (#84, #93)
 - Improved CI/CD pipeline (#99, #113)
 - Improved git http semantics and repo obfuscation (#94)
 - Updated Go deps (#102)
 ### Fixed
 - Find command for Windows users (#89)
 - Retain visibility when editing a gist (#83)
 - Typo on admin index page (#85)
 - ViteJS dev server (#91)
 - Bugs (#105)
 ### Breaking changes
 - Removed CONFIG env var
 - Removed TLS server (#101)
 ## [1.4.2](https://github.com/thomiceli/opengist/compare/v1.4.1...v1.4.2) - 2023-07-17
 ### Added
 - External url to HTML links & redirects (#75)
 - Make unlisted gists not SEO crawlable (#78)
 - Warning message on OAuth unlink (#79)
 ### Changed
 - Redirect to `/all` when not logged in (#76)
 - Removed Dev Docker image (#80)
 ## [1.4.1](https://github.com/thomiceli/opengist/compare/v1.4.0...v1.4.1) - 2023-06-25
 ### ⚠️ Docker users ⚠️
 Opengist Docker volume has been changed from `/root/.opengist` to `/opengist`, do not forget to update your
--- a/43
+++ b/43
@@ -1,16 +1,25 @@
-FROM alpine:3.17 AS build
+FROM alpine:3.19 AS base
 RUN apk update && \
-    apk add --no-cache \
+        apk add --no-cache \
-    make \
+        make \
-    gcc \
+        shadow \
-    musl-dev \
+        openssl \
-    libstdc++
+        openssh \
        curl \
        wget \
        git \
        gnupg \
        xz \
        gcc \
        musl-dev \
        libstdc++
-COPY --from=golang:1.19-alpine /usr/local/go/ /usr/local/go/
+COPY --from=golang:1.23-alpine /usr/local/go/ /usr/local/go/
 ENV PATH="/usr/local/go/bin:${PATH}"
 ENV CGO_ENABLED=0
-COPY --from=node:18-alpine /usr/local/ /usr/local/
+COPY --from=node:20-alpine /usr/local/ /usr/local/
 ENV NODE_PATH="/usr/local/lib/node_modules"
 ENV PATH="/usr/local/bin:${PATH}"
@@ -18,10 +27,21 @@ WORKDIR /opengist
 COPY . .
 FROM base AS dev
 EXPOSE 6157 2222 16157
 VOLUME /opengist
 CMD ["make", "watch"]
 FROM base AS build
 RUN make
-FROM alpine:3.17 as run
+FROM alpine:3.19 as prod
 RUN apk update && \
    apk add --no-cache \
@@ -38,7 +58,9 @@ RUN apk update && \
    libstdc++
 RUN addgroup -S opengist && \
-    adduser -S -G opengist -H -s /bin/ash -g 'Opengist User' opengist
+    adduser -S -G opengist -s /bin/ash -g 'Opengist User' opengist
 COPY --from=build --chown=opengist:opengist /opengist/config.yml config.yml
 WORKDIR /app/opengist
@@ -47,4 +69,5 @@ COPY --from=build --chown=opengist:opengist /opengist/docker ./docker
 EXPOSE 6157 2222
 VOLUME /opengist
 HEALTHCHECK --interval=60s --timeout=30s --start-period=15s --retries=3 CMD curl -f http://localhost:6157/healthcheck || exit 1
 ENTRYPOINT ["./docker/entrypoint.sh"]
--- a/49
+++ b/49
@@ -1,9 +1,14 @@
-.PHONY: all install build_frontend build_backend build build_docker watch_frontend watch_backend watch clean clean_docker
+.PHONY: all all_crosscompile install build_frontend build_backend build build_crosscompile build_docker build_dev_docker run_dev_docker watch_frontend watch_backend watch clean clean_docker check_changes go_mod fmt test check-tr
 # Specify the name of your Go binary output
 BINARY_NAME := opengist
 GIT_TAG := $(shell git describe --tags)
 VERSION_PKG := github.com/thomiceli/opengist/internal/config.OpengistVersion
 TEST_DB_TYPE ?= sqlite
-all: install build
+all: clean install build
 all_crosscompile: clean install build_frontend build_crosscompile
 install:
 	@echo "Installing NPM dependencies..."
@@ -13,34 +18,62 @@ install:
 build_frontend:
 	@echo "Building frontend assets..."
-	npx vite build
+	npx vite -c public/vite.config.js build
 	@EMBED=1 npx postcss 'public/assets/embed-*.css' -c public/postcss.config.js --replace # until we can .nest { @tailwind } in Sass
 build_backend:
 	@echo "Building Opengist binary..."
-	go build -tags fs_embed -o $(BINARY_NAME) .
+	go build -tags fs_embed -ldflags "-X $(VERSION_PKG)=$(GIT_TAG)" -o $(BINARY_NAME) .
 build: build_frontend build_backend
 build_crosscompile:
 	@bash ./scripts/build-all.sh
 build_docker:
 	@echo "Building Docker image..."
 	docker build -t $(BINARY_NAME):latest .
 build_dev_docker:
 	@echo "Building Docker image..."
 	docker build -t $(BINARY_NAME)-dev:latest --target dev .
 run_dev_docker:
 	docker run -v .:/opengist -p 6157:6157 -p 16157:16157 -p 2222:2222 -v $(HOME)/.opengist-dev:/root/.opengist --rm $(BINARY_NAME)-dev:latest
 watch_frontend:
 	@echo "Building frontend assets..."
-	npx vite dev --port 16157
+	npx vite -c public/vite.config.js dev --port 16157 --host
 watch_backend:
 	@echo "Building Opengist binary..."
-	OG_DEV=1 npx nodemon --watch '**/*' -e html,yml,go,js --signal SIGTERM --exec 'go run . --config config.yml'
+	OG_DEV=1 npx nodemon --watch '**/*' -e html,yml,go,js --signal SIGTERM --exec 'go run -ldflags "-X $(VERSION_PKG)=$(GIT_TAG)" . --config config.yml'
 watch:
-	@bash ./watch.sh
+	@sh ./scripts/watch.sh
 clean:
 	@echo "Cleaning up build artifacts..."
 	@rm -f $(BINARY_NAME) public/manifest.json
-	@rm -rf public/assets
+	@rm -rf public/assets build
 clean_docker:
 	@echo "Cleaning up Docker image..."
 	@docker rmi $(BINARY_NAME)
 check_changes:
 	@echo "Checking for changes..."
 	@git --no-pager diff --exit-code || (echo "There are unstaged changes detected." && exit 1)
 go_mod:
 	@go mod download
 	@go mod tidy
 fmt:
 	@go fmt ./...
 test:
 	@OPENGIST_TEST_DB=$(TEST_DB_TYPE) go test ./... -p 1
 check-tr:
 	@bash ./scripts/check-translations.sh
--- a/README.md
+++ b/README.md
@@ -1,66 +1,44 @@
 # Opengist
 <img height="108px" src="https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg" alt="Opengist" align="right" />
 Opengist is a **self-hosted** Pastebin **powered by Git**. All snippets are stored in a Git repository and can be
 read and/or modified using standard Git commands, or with the web interface.
 It is similar to [GitHub Gist](https://gist.github.com/), but open-source and could be self-hosted.
 [Home Page](https://opengist.io) • [Documentation](https://opengist.io/docs) • [Discord](https://discord.gg/9Pm3X5scZT) • [Demo](https://demo.opengist.io)
 ![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/thomiceli/opengist?sort=semver)
 ![License](https://img.shields.io/github/license/thomiceli/opengist?color=blue)
-![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/thomiceli/opengist/go.yml)
+[![Go CI](https://github.com/thomiceli/opengist/actions/workflows/go.yml/badge.svg)](https://github.com/thomiceli/opengist/actions/workflows/go.yml)
 [![Go Report Card](https://goreportcard.com/badge/github.com/thomiceli/opengist)](https://goreportcard.com/report/github.com/thomiceli/opengist)
-
+[![Translate](https://tr.opengist.io/widget/_/svg-badge.svg)](https://tr.opengist.io/projects/_/opengist/)
 A self-hosted pastebin **powered by Git**. [Try it here](https://opengist.thomice.li).
 * [Features](#features)
 * [Install](#install)
    * [With Docker](#with-docker)
    * [From source](#from-source)
 * [Configuration](#configuration)
    * [Via YAML file](#configuration-via-yaml-file)
    * [Via Environment Variables](#configuration-via-environment-variables)
 * [Administration](#administration)
    * [Use Nginx as a reverse proxy](#use-nginx-as-a-reverse-proxy)
    * [Use Fail2ban](#use-fail2ban)
 * [Configure OAuth](#configure-oauth)
 * [License](#license)
 ## Features
-* Create public or unlisted snippets
+* Create public, unlisted or private snippets
-* Clone / Pull / Push snippets **via Git** over HTTP or SSH
+* [Init](/docs/usage/init-via-git.md) / Clone / Pull / Push snippets **via Git** over HTTP or SSH
 * Revisions history
 * Syntax highlighting ; markdown & CSV support
 * Search code in snippets; browse users snippets, likes and forks
 * Add topics to snippets
 * Embed snippets in other websites
 * Revisions history
 * Like / Fork snippets
 * Search for snippets ; browse users snippets, likes and forks
 * Editor with indentation mode & size ; drag and drop files
 * Download raw files or as a ZIP archive
-* OAuth2 login with GitHub and Gitea
+* OAuth2 login with GitHub, GitLab, Gitea, and OpenID Connect
 * Avatars via Gravatar or OAuth2 providers
 * Light/Dark mode
 * Responsive UI
 * Enable or disable signups
 * Restrict or unrestrict snippets visibility to anonymous users
 * Admin panel : delete users/gists; clean database/filesystem by syncing gists
 * SQLite database
 * Logging
 * Docker support
 * [More...](/docs/introduction.md#features)
-#### Todo
+## Quick start
 - [ ] Translation
 - [ ] Code/text search
 - [ ] Embed snippets
 - [ ] Tests
 - [ ] Filesystem/Redis support for user sessions
 - [ ] Have a cool logo
 ## Install
 ### With Docker
-Docker [images](https://github.com/thomiceli/opengist/pkgs/container/opengist) are available for each release (`latest`)
+Docker [images](https://github.com/thomiceli/opengist/pkgs/container/opengist) are available for each release :
 and last development commit (`dev`) :
 ```shell
-docker pull ghcr.io/thomiceli/opengist       # most recent release
+docker pull ghcr.io/thomiceli/opengist:1.9
 docker pull ghcr.io/thomiceli/opengist:dev   # latest development version
 ```
 It can be used in a `docker-compose.yml` file :
@@ -70,11 +48,9 @@ It can be used in a `docker-compose.yml` file :
 3. Opengist is now running on port 6157, you can browse http://localhost:6157
 ```yml
 version: "3"
 services:
  opengist:
-    image: ghcr.io/thomiceli/opengist:1.4
+    image: ghcr.io/thomiceli/opengist:1.9
    container_name: opengist
    restart: unless-stopped
    ports:
@@ -95,9 +71,25 @@ services:
      GID: 1001
 ```
 ### Via binary
 Download the archive for your system from the release page [here](https://github.com/thomiceli/opengist/releases/latest), and extract it.
 ```shell
 # example for linux amd64
 wget https://github.com/thomiceli/opengist/releases/download/v1.9.0/opengist1.9.0-linux-amd64.tar.gz
 tar xzvf opengist1.9.0-linux-amd64.tar.gz
 cd opengist
 chmod +x opengist
 ./opengist # with or without `--config config.yml`
 ```
 Opengist is now running on port 6157, you can browse http://localhost:6157
 ### From source
-Requirements : [Git](https://git-scm.com/downloads) (2.20+), [Go](https://go.dev/doc/install) (1.19+), [Node.js](https://nodejs.org/en/download/) (16+)
+Requirements: [Git](https://git-scm.com/downloads) (2.28+), [Go](https://go.dev/doc/install) (1.23+), [Node.js](https://nodejs.org/en/download/) (16+), [Make](https://linux.die.net/man/1/make) (optional, but easier)
 ```shell
 git clone https://github.com/thomiceli/opengist
@@ -108,153 +100,15 @@ make
 Opengist is now running on port 6157, you can browse http://localhost:6157
-## Configuration
+---
-Opengist provides flexible configuration options through either a YAML file and/or environment variables. 
+To create and run a development environment, see [run-development.md](/docs/contributing/development.md).
 You would only need to specify the configuration options you want to change — for any config option left untouched, Opengist will simply apply the default values.
-<details>
+## Documentation
 <summary>Configuration option list</summary>
-| YAML Config Key       | Environment Variable     | Default value        | Description                                                                                                                       | 
+The documentation is available at [https://opengist.io/](https://opengist.io/) or in the [/docs](/docs) directory.
 |-----------------------|--------------------------|----------------------|-----------------------------------------------------------------------------------------------------------------------------------|
 | log-level             | OG_LOG_LEVEL             | `warn`               | Set the log level to one of the following: `trace`, `debug`, `info`, `warn`, `error`, `fatal`, `panic`.                           |
 | external-url          | OG_EXTERNAL_URL          | none                 | Public URL for the Git HTTP/SSH connection. If not set, uses the URL from the request.                                            |
 | opengist-home         | OG_OPENGIST_HOME         | home directory       | Path to the directory where Opengist stores its data.                                                                             |
 | db-filename           | OG_DB_FILENAME           | `opengist.db`        | Name of the SQLite database file.                                                                                                 |
 | sqlite.journal-mode   | OG_SQLITE_JOURNAL_MODE   | `WAL`                | Set the journal mode for SQLite. More info [here](https://www.sqlite.org/pragma.html#pragma_journal_mode)                         |
 | http.host             | OG_HTTP_HOST             | `0.0.0.0`            | The host on which the HTTP server should bind.                                                                                    |
 | http.port             | OG_HTTP_PORT             | `6157`               | The port on which the HTTP server should listen.                                                                                  |
 | http.git-enabled      | OG_HTTP_GIT_ENABLED      | `true`               | Enable or disable git operations (clone, pull, push) via HTTP. (`true` or `false`)                                                |
 | http.tls-enabled      | OG_HTTP_TLS_ENABLED      | `false`              | Enable or disable TLS for the HTTP server. (`true` or `false`)                                                                    |
 | http.cert-file        | OG_HTTP_CERT_FILE        | none                 | Path to the TLS certificate file if TLS is enabled.                                                                               |
 | http.key-file         | OG_HTTP_KEY_FILE         | none                 | Path to the TLS key file if TLS is enabled.                                                                                       |
 | ssh.git-enabled       | OG_SSH_GIT_ENABLED       | `true`               | Enable or disable git operations (clone, pull, push) via SSH. (`true` or `false`)                                                 |
 | ssh.host              | OG_SSH_HOST              | `0.0.0.0`            | The host on which the SSH server should bind.                                                                                     |
 | ssh.port              | OG_SSH_PORT              | `2222`               | The port on which the SSH server should listen.                                                                                   |
 | ssh.external-domain   | OG_SSH_EXTERNAL_DOMAIN   | none                 | Public domain for the Git SSH connection, if it has to be different from the HTTP one. If not set, uses the URL from the request. |
 | ssh.keygen-executable | OG_SSH_KEYGEN_EXECUTABLE | `ssh-keygen`         | Path to the SSH key generation executable.                                                                                        |
 | github.client-key     | OG_GITHUB_CLIENT_KEY     | none                 | The client key for the GitHub OAuth application.                                                                                  |
 | github.secret         | OG_GITHUB_SECRET         | none                 | The secret for the GitHub OAuth application.                                                                                      |
 | gitea.client-key      | OG_GITEA_CLIENT_KEY      | none                 | The client key for the Gitea OAuth application.                                                                                   |
 | gitea.secret          | OG_GITEA_SECRET          | none                 | The secret for the Gitea OAuth application.                                                                                       |
 | gitea.url             | OG_GITEA_URL             | `https://gitea.com/` | The URL of the Gitea instance.                                                                                                    |
 </details>
 ### Configuration via YAML file
 The configuration file must be specified when launching the application, using the `--config` flag followed by the path to your YAML file.
 ```shell
 ./opengist --config /path/to/config.yml
 ```
 You can start by copying and/or modifying the provided [config.yml](config.yml) file.
 ### Configuration via Environment Variables
 Usage with Docker Compose :
 ```yml
 services:
  opengist:
    # ...
    environment:
      OG_LOG_LEVEL: "info"
      # etc.
 ```
 Usage via command line :
 ```shell
 OG_LOG_LEVEL=info ./opengist
 ```
 ## Administration
 ### Use Nginx as a reverse proxy
 Configure Nginx to proxy requests to Opengist. Here is an example configuration file :
 ```
 server {
    listen 80;
    server_name opengist.example.com;
    location / {
        proxy_pass http://127.0.0.1:6157;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
 }
 ```
 Then run :
 ```shell
 service nginx restart
 ```
 ### Use Fail2ban
 Fail2ban can be used to ban IPs that try to bruteforce the login page.
 Log level must be set at least to `warn`.
 Add this filter in `etc/fail2ban/filter.d/opengist.conf` :
 ```ini
 [Definition]
 failregex =  Invalid .* authentication attempt from <HOST>
 ignoreregex =
 ```
 Add this jail in `etc/fail2ban/jail.d/opengist.conf` :
 ```ini
 [opengist]
 enabled = true
 filter = opengist
 logpath = /home/*/.opengist/log/opengist.log
 maxretry = 10
 findtime = 3600
 bantime = 600
 banaction = iptables-allports
 port = anyport
 ```
 Then run
 ```shell
 service fail2ban restart
 ```
 ## Configure OAuth
 Opengist can be configured to use OAuth to authenticate users, with GitHub or Gitea.
 <details>
 <summary>Integrate Github</summary>
 * Add a new OAuth app in your [Github account settings](https://github.com/settings/applications/new)
 * Set 'Authorization callback URL' to `http://opengist.domain/oauth/github/callback`
 * Copy the 'Client ID' and 'Client Secret' and add them to the configuration :
  ```yaml
  github.client-key: <key>
  github.secret: <secret>
  ```
 </details>
 <details>
 <summary>Integrate Gitea</summary>
 * Add a new OAuth app in Application settings from the [Gitea instance](https://gitea.com/user/settings/applications)
 * Set 'Redirect URI' to `http://opengist.domain/oauth/gitea/callback`
 * Copy the 'Client ID' and 'Client Secret' and add them to the configuration :
  ```yaml
  gitea.client-key: <key>
  gitea.secret: <secret>
  # URL of the Gitea instance. Default: https://gitea.com/
  gitea.url: http://localhost:3000
  ```
 </details>
 ## License
-Opengist is licensed under the [AGPL-3.0 license](LICENSE).
+Opengist is licensed under the [AGPL-3.0 license](/LICENSE).
--- a/config.yml
+++ b/config.yml
@@ -1,21 +1,43 @@
-# Set the log level to one of the following: trace, debug, info, warn, error, fatal, panic. Default: warn
+# Learn more about Opengist configuration here:
 # https://github.com/thomiceli/opengist/blob/master/docs/configuration/configure.md
 # https://github.com/thomiceli/opengist/blob/master/docs/configuration/cheat-sheet.md
 # Set the log level to one of the following: debug, info, warn, error, fatal. Default: warn
 log-level: warn
-# Public URL for the Git HTTP/SSH connection.
+# Set the log output to one or more of the following: `stdout`, `file`. Default: stdout,file
-# If not set, uses the URL from the request
+log-output: stdout,file
 # Public URL to access to Opengist
 external-url:
 # Directory where Opengist will store its data. Default: ~/.opengist/
 opengist-home:
-# Name of the SQLite database file. Default: opengist.db
+# Secret key used for session store & encrypt MFA data on database. Default: <randomized 32 bytes>
-db-filename: opengist.db
+secret-key:
 # URI of the database. Default: opengist.db (SQLite) is placed in opengist-home
 # SQLite:        file:/path/to/database
 # PostgreSQL:    postgres://user:password@host:port/database
 # MySQL/MariaDB: mysql://user:password@host:port/database
 db-uri: opengist.db
 # Enable or disable the code search index (either `true` or `false`). Default: true
 index.enabled: true
 # Name of the directory where the code search index is stored. Default: opengist.index
 index.dirname: opengist.index
 # Default branch name used by Opengist when initializing Git repositories.
 # If not set, uses the Git default branch name. See https://git-scm.com/book/en/v2/Getting-Started-First-Time-Git-Setup#_new_default_branch
 git.default-branch:
 # Set the journal mode for SQLite. Default: WAL
 # See https://www.sqlite.org/pragma.html#pragma_journal_mode
 # For SQLite databases only.
 sqlite.journal-mode: WAL
 # HTTP server configuration
 # Host to bind to. Default: 0.0.0.0
 http.host: 0.0.0.0
@@ -26,15 +48,6 @@ http.port: 6157
 # Enable or disable git operations (clone, pull, push) via HTTP (either `true` or `false`). Default: true
 http.git-enabled: true
 # Enable or disable TLS (either `true` or `false`). Default: false
 http.tls-enabled: false
 # Path to the TLS certificate file if TLS is enabled
 http.cert-file:
 # Path to the TLS key file if TLS is enabled
 http.key-file:
 # SSH built-in server configuration
 # Note: it is not using the SSH daemon from your machine (yet)
@@ -58,16 +71,48 @@ ssh.external-domain:
 # Path or alias to ssh-keygen executable. Default: ssh-keygen
 ssh.keygen-executable: ssh-keygen
 # OAuth2 configuration
-# The callback/redirect URL must be http://opengist.domain/oauth/<github|gitea>/callback
+# The callback/redirect URL must be http://opengist.url/oauth/<github|gitlab|gitea|openid-connect>/callback
 # To create a new OAuth2 application using GitHub : https://github.com/settings/applications/new
 github.client-key:
 github.secret:
 # To create a new OAuth2 application using Gitlab : https://gitlab.com/-/user_settings/applications
 gitlab.client-key:
 gitlab.secret:
 # URL of the Gitlab instance. Default: https://gitlab.com/
 gitlab.url: https://gitlab.com/
 # The name of the GitLab instance. It is displayed in the OAuth login button. Default: GitLab
 gitlab.name: GitLab
 # To create a new OAuth2 application using Gitea : https://gitea.domain/user/settings/applications
 gitea.client-key:
 gitea.secret:
 # URL of the Gitea instance. Default: https://gitea.com/
 gitea.url: https://gitea.com/
 # The name of the Gitea instance. It is displayed in the OAuth login button. Default: Gitea
 gitea.name: Gitea
 # To create a new OAuth2 application using OpenID Connect:
 oidc.client-key:
 oidc.secret:
 # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
 oidc.discovery-url:
 # Instance name
 # Set your own custom name to be displayed instead of 'Opengist'
 custom.name:
 # Custom assets
 # Add your own custom assets, that are files relatives to $opengist-home/custom/
 custom.logo:
 custom.favicon:
 # Static pages in footer (like legal notices, privacy policy, etc.)
 # The path can be a URL or a relative path to a file in the $opengist-home/custom/ directory
 custom.static-links:
 #  - name: Gitea
 #    path: https://gitea.com
 #  - name: Legal notices
 #    path: legal.html
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -0,0 +1,75 @@
 # kustomize
 ## Simple
 `kustomization.yaml`:
 ```yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 metadata:
  name: opengist
 resources:
  - https://github.com/thomiceli/opengist/deploy/
 ```
 ## Full example
 `kustomization.yaml`:
 ```yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 metadata:
  name: opengist
 namespace: opengist
 resources:
  - namespace.yaml
  - https://github.com/thomiceli/opengist/deploy/?ref:v1.9.0
 images:
  - name: ghcr.io/thomiceli/opengist
    newTag: 1.9.0
 patches:
  # Add your ingress
  - path: ingress.yaml
  - patch: |-
      - op: add
        path: /spec/rules/0/host
        value: opengist.mydomain.com
    target:
      group: networking.k8s.io
      version: v1
      kind: Ingress
      name: opengist
 ```
 `namespace.yaml`:
 ```yaml
 apiVersion: v1
 kind: Namespace
 metadata:
  name: opengist
 ```
 `ingress.yaml`:
 ```yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: opengist
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
 spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - opengist.mydomain.com
      secretName: opengist-tls
 ```
--- a/deploy/deployment.yaml
+++ b/deploy/deployment.yaml
@@ -0,0 +1,29 @@
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: opengist
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: opengist
  template:
    metadata:
      labels:
        app.kubernetes.io/name: opengist
    spec:
      containers:
        - name: opengist
          image: ghcr.io/thomiceli/opengist
          ports:
            - name: http
              containerPort: 6157
            - name: ssh
              containerPort: 2222
          volumeMounts:
            - mountPath: /opengist
              name: data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: opengist-data
--- a/deploy/ingress.yaml
+++ b/deploy/ingress.yaml
@@ -0,0 +1,20 @@
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: opengist
  labels:
    app.kubernetes.io/name: opengist
    app.kubernetes.io/component: ingress
 spec:
  rules:
    - host: opengist.local
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: opengist
                port:
                  name: http
--- a/deploy/kustomization.yaml
+++ b/deploy/kustomization.yaml
@@ -0,0 +1,11 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 metadata:
  name: opengist
 resources:
  - deployment.yaml
  - pvc.yaml
  - ingress.yaml
  - service.yaml
--- a/deploy/pvc.yaml
+++ b/deploy/pvc.yaml
@@ -0,0 +1,15 @@
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: opengist-data
  labels:
    app.kubernetes.io/name: opengist
    app.kubernetes.io/component: data
 spec:
  resources:
    requests:
      storage: 1Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
--- a/deploy/service.yaml
+++ b/deploy/service.yaml
@@ -0,0 +1,14 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: opengist
  labels:
    app.kubernetes.io/name: opengist
 spec:
  selector:
    app.kubernetes.io/name: opengist
  ports:
    - port: 80
      targetPort: http
      name: http
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -7,5 +7,12 @@ groupmod -o -g "$GID" $USER
 usermod -o -u "$UID" $USER
 chown -R "$USER:$USER" /opengist
 chown -R "$USER:$USER" /config.yml
-exec su $USER -c "OG_OPENGIST_HOME=/opengist /app/opengist/opengist"
+if [ -f "/run/secrets/opengist_secrets" ]; then
    set -a
    . /run/secrets/opengist_secrets
    set +a
 fi
 exec su $USER -c "OG_OPENGIST_HOME=/opengist /app/opengist/opengist --config /config.yml"
--- a/docs/.vitepress/config.mts
+++ b/docs/.vitepress/config.mts
@@ -0,0 +1,95 @@
 import {defineConfig} from 'vitepress'
 // https://vitepress.dev/reference/site-config
 export default defineConfig({
    title: "Opengist",
    description: "Documention for Opengist",
    rewrites: {
        'index.md': 'index.md',
        'introduction.md': 'docs/index.md',
        ':path(.*)': 'docs/:path'
    },
    themeConfig: {
        // https://vitepress.dev/reference/default-theme-config
        logo: 'https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg',
        logoLink: '/',
        nav: [
            { text: 'Demo', link: 'https://demo.opengist.io' },
            { text: 'Translate', link: 'https://tr.opengist.io' }
        ],
        sidebar: {
            '/docs/': [
            {
                text: '', items: [
                    {text: 'Introduction', link: '/docs'},
                    {text: 'Installation', link: '/docs/installation', items: [
                        {text: 'Docker', link: '/docs/installation/docker'},
                        {text: 'Binary', link: '/docs/installation/binary'},
                        {text: 'Source', link: '/docs/installation/source'},
                        ],
                        collapsed: true
                    },
                    {text: 'Update', link: '/docs/update'},
                ], collapsed: false
            },
            {
                text: 'Configuration', base: '/docs/configuration', items: [
                    {text: 'Configure Opengist', link: '/configure'},
                    {text: 'Databases', items: [
                        {text: 'SQLite', link: '/databases/sqlite'},
                        {text: 'PostgreSQL', link: '/databases/postgresql'},
                        {text: 'MySQL', link: '/databases/mysql'},
                        ], collapsed: true
                    },
                    {text: 'OAuth Providers', link: '/oauth-providers'},
                    {text: 'Custom assets', link: '/custom-assets'},
                    {text: 'Custom links', link: '/custom-links'},
                    {text: 'Cheat Sheet', link: '/cheat-sheet'},
                    {text: 'Admin panel', link: '/admin-panel'},
                ], collapsed: false
            },
            {
                text: 'Usage', base: '/docs/usage', items: [
                    {text: 'Init via Git', link: '/init-via-git'},
                    {text: 'Embed Gist', link: '/embed'},
                    {text: 'Gist as JSON', link: '/gist-json'},
                    {text: 'Import Gists from Github', link: '/import-from-github-gist'},
                    {text: 'Git push options', link: '/git-push-options'},
                ], collapsed: false
            },
            {
                text: 'Administration', base: '/docs/administration', items: [
                    {text: 'Run with systemd', link: '/run-with-systemd'},
                    {text: 'Reverse proxy', items: [
                        {text: 'Nginx', link: '/nginx-reverse-proxy'},
                        {text: 'Traefik', link: '/traefik-reverse-proxy'},
                    ], collapsed: true},
                    {text: 'Fail2ban', link: '/fail2ban-setup'},
                    {text: 'Healthcheck', link: '/healthcheck'},
                ], collapsed: false
            },
            {
                text: 'Contributing', base: '/docs/contributing', items: [
                    {text: 'Community', link: '/community'},
                    {text: 'Development', link: '/development'},
                ], collapsed: false
            },
        ]},
        socialLinks: [
            {icon: 'github', link: 'https://github.com/thomiceli/opengist'}
        ],
        editLink: {
            pattern: 'https://github.com/thomiceli/opengist/edit/stable/docs/:path'
        },
        // @ts-ignore
        lastUpdated: true,
    },
    head: [
        ['link', {rel: 'icon', href: '/favicon.svg'}],
    ],
    ignoreDeadLinks: true
 })
--- a/docs/.vitepress/tailwind.config.js
+++ b/docs/.vitepress/tailwind.config.js
@@ -1,8 +1,9 @@
 const colors = require('tailwindcss/colors')
 /** @type {import('tailwindcss').Config} */
 module.exports = {
  content: [
-    "./templates/**/*.html",
+    "./.vitepress/theme/*.vue",
  ],
  theme: {
    colors: {
@@ -22,9 +23,8 @@ module.exports = {
        800: "#232429",
        900: "#131316"
      },
-      rose: colors.rose,
+      indigo: colors.indigo,
-      primary: colors.sky,
+
      slate: colors.slate
    },
    extend: {
      borderWidth: {
@@ -32,6 +32,6 @@ module.exports = {
      }
    },
  },
-  plugins: [require("@tailwindcss/typography"),require('@tailwindcss/forms')],
+  plugins: [],
  darkMode: 'class',
 }
--- a/docs/.vitepress/theme/Home.vue
+++ b/docs/.vitepress/theme/Home.vue
@@ -0,0 +1,101 @@
 <script>
 import { withBase } from 'vitepress';
 import './theme.css'
 export default {
  setup() {
    return { withBase };
  },
 };
 </script>
 <template>
  <main class="home">
    <header class="hero">
      <div class="mx-auto max-w-7xl px-6 lg:px-8">
        <div class="mx-auto  lg:text-center">
          <img class="rotating h-36 mx-auto my-8 " src="https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg" alt="" >
          <a target="_blank" href="https://github.com/thomiceli/opengist/releases" class="inline-flex items-center rounded-full bg-indigo-100 hover:bg-indigo-200 px-4 py-1.5 text-lg font-medium text-indigo-700">
              <span class="pr-1">Released 1.9</span>
                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-4">
              <path stroke-linecap="round" stroke-linejoin="round" d="m4.5 19.5 15-15m0 0H8.25m11.25 0v11.25" />
            </svg>
            </a>
            <h1 class="mt-5 text-4xl font-bold tracking-tight sm:text-5xl">Opengist</h1>
            <h2 class="mt-4 text-xl">Self-hosted pastebin powered by Git, open-source alternative to Github Gist.</h2>
          </div>
        <div class="space-x-2 my-12">
          <a href="/docs" class="rounded-md bg-indigo-600 mt-6 px-5 py-3 text-xl font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600">Docs</a>
          <a target="_blank" href="https://demo.opengist.io" class="rounded-md bg-indigo-400 mt-6 px-5 py-3 text-xl border-white font-semibold text-white shadow-sm hover:bg-indigo-300 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600">Live demo</a>
          <a target="_blank" href="https://github.com/thomiceli/opengist" class="rounded-md bg-gray-800 mt-6 px-3 py-3 text-xl dark:border dark:border-1 dark:border-gray-400 font-semibold text-white shadow-sm hover:bg-gray-700 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600">
            <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" class="w-7 h-auto inline" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27s1.36.09 2 .27c1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.01 8.01 0 0 0 16 8c0-4.42-3.58-8-8-8"></path></svg>
          </a>
        </div>
        <div class="border border-1 mt-6 px-5 py-3 rounded-md shadow-sm ">
          <code class="select-all ">docker run --name <span class="text-indigo-700 dark:text-indigo-300 font-bold">opengist</span> -p <span class="text-indigo-700 dark:text-indigo-300 font-bold">6157</span>:6157 -v "<span class="text-indigo-700 dark:text-indigo-300 font-bold">$HOME/.opengist</span>:/opengist" ghcr.io/thomiceli/opengist:1</code>
        </div>
      </div>
    </header>
    <div class="relative w-full sm:max-w-7xl mx-auto overflow-auto">
      <img class="block w-[200vw] max-w-none sm:w-full h-auto" :src="withBase('/opengist-demo.png')" alt="demo-opengist-screenshot" />
    </div>
  </main>
 </template>
 <style>
@-webkit-keyframes rotating /* Safari and Chrome */ {
  from {
    -webkit-transform: rotate(0deg);
    -o-transform: rotate(0deg);
    transform: rotate(0deg);
  }
  to {
    -webkit-transform: rotate(360deg);
    -o-transform: rotate(360deg);
    transform: rotate(360deg);
  }
 }
@keyframes rotating {
  from {
    -ms-transform: rotate(0deg);
    -moz-transform: rotate(0deg);
    -webkit-transform: rotate(0deg);
    -o-transform: rotate(0deg);
    transform: rotate(0deg);
  }
  to {
    -ms-transform: rotate(360deg);
    -moz-transform: rotate(360deg);
    -webkit-transform: rotate(360deg);
    -o-transform: rotate(360deg);
    transform: rotate(360deg);
  }
 }
 .home {
  -webkit-font-smoothing: antialiased;
  -moz-osx-font-smoothing: grayscale;
  display: flex;
  flex-direction: column;
  gap: 1rem;
  text-align: center;
 }
 .rotating {
  -webkit-animation: rotating 8s linear infinite;
  -moz-animation: rotating 4s linear infinite;
  -ms-animation: rotating 4s linear infinite;
  -o-animation: rotating 4s linear infinite;
  animation: rotating 12s linear infinite;
 }
 </style>
--- a/docs/.vitepress/theme/Layout.vue
+++ b/docs/.vitepress/theme/Layout.vue
@@ -0,0 +1,16 @@
 <script setup>
 import { useData } from 'vitepress'
 import Home from './Home.vue'
 import DefaultTheme from 'vitepress/theme'
 const { Layout } = DefaultTheme
 const { frontmatter } = useData()
 </script>
 <template>
  <Layout>
    <template v-if="frontmatter.layout === 'home'" #home-hero-after>
      <Home />
    </template>
  </Layout>
 </template>
--- a/docs/.vitepress/theme/index.ts
+++ b/docs/.vitepress/theme/index.ts
@@ -0,0 +1,12 @@
 import { h } from 'vue'
 import type { Theme } from 'vitepress'
 import DefaultTheme from 'vitepress/theme'
 import Layout from "./Layout.vue";
 export default {
  ...DefaultTheme,
  Layout,
  enhanceApp({ app, router, siteData }) {
    // ...
  }
 } satisfies Theme
--- a/docs/.vitepress/theme/style.css
+++ b/docs/.vitepress/theme/style.css
@@ -0,0 +1,147 @@
 /**
 * Customize default theme styling by overriding CSS variables:
 * https://github.com/vuejs/vitepress/blob/main/src/client/theme-default/styles/vars.css
 */
 /**
 * Colors
 *
 * Each colors have exact same color scale system with 3 levels of solid
 * colors with different brightness, and 1 soft color.
 *
 * - `XXX-1`: The most solid color used mainly for colored text. It must
 *   satisfy the contrast ratio against when used on top of `XXX-soft`.
 *
 * - `XXX-2`: The color used mainly for hover state of the button.
 *
 * - `XXX-3`: The color for solid background, such as bg color of the button.
 *   It must satisfy the contrast ratio with pure white (#ffffff) text on
 *   top of it.
 *
 * - `XXX-soft`: The color used for subtle background such as custom container
 *   or badges. It must satisfy the contrast ratio when putting `XXX-1` colors
 *   on top of it.
 *
 *   The soft color must be semi transparent alpha channel. This is crucial
 *   because it allows adding multiple "soft" colors on top of each other
 *   to create a accent, such as when having inline code block inside
 *   custom containers.
 *
 * - `default`: The color used purely for subtle indication without any
 *   special meanings attched to it such as bg color for menu hover state.
 *
 * - `brand`: Used for primary brand colors, such as link text, button with
 *   brand theme, etc.
 *
 * - `tip`: Used to indicate useful information. The default theme uses the
 *   brand color for this by default.
 *
 * - `warning`: Used to indicate warning to the users. Used in custom
 *   container, badges, etc.
 *
 * - `danger`: Used to show error, or dangerous message to the users. Used
 *   in custom container, badges, etc.
 * -------------------------------------------------------------------------- */
 :root {
  --vp-c-default-1: var(--vp-c-gray-1);
  --vp-c-default-2: var(--vp-c-gray-2);
  --vp-c-default-3: var(--vp-c-gray-3);
  --vp-c-default-soft: var(--vp-c-gray-soft);
  --vp-c-brand-1: var(--vp-c-indigo-1);
  --vp-c-brand-2: var(--vp-c-indigo-2);
  --vp-c-brand-3: var(--vp-c-indigo-3);
  --vp-c-brand-soft: var(--vp-c-indigo-soft);
  --vp-c-tip-1: var(--vp-c-brand-1);
  --vp-c-tip-2: var(--vp-c-brand-2);
  --vp-c-tip-3: var(--vp-c-brand-3);
  --vp-c-tip-soft: var(--vp-c-brand-soft);
  --vp-c-warning-1: var(--vp-c-yellow-1);
  --vp-c-warning-2: var(--vp-c-yellow-2);
  --vp-c-warning-3: var(--vp-c-yellow-3);
  --vp-c-warning-soft: var(--vp-c-yellow-soft);
  --vp-c-danger-1: var(--vp-c-red-1);
  --vp-c-danger-2: var(--vp-c-red-2);
  --vp-c-danger-3: var(--vp-c-red-3);
  --vp-c-danger-soft: var(--vp-c-red-soft);
 }
 /**
 * Component: Button
 * -------------------------------------------------------------------------- */
 :root {
  --vp-button-brand-border: transparent;
  --vp-button-brand-text: var(--vp-c-white);
  --vp-button-brand-bg: var(--vp-c-brand-3);
  --vp-button-brand-hover-border: transparent;
  --vp-button-brand-hover-text: var(--vp-c-white);
  --vp-button-brand-hover-bg: var(--vp-c-brand-2);
  --vp-button-brand-active-border: transparent;
  --vp-button-brand-active-text: var(--vp-c-white);
  --vp-button-brand-active-bg: var(--vp-c-brand-1);
 }
 /**
 * Component: Home
 * -------------------------------------------------------------------------- */
 :root {
  --vp-home-hero-name-color: transparent;
  --vp-home-hero-name-background: -webkit-linear-gradient(
    120deg,
    #0f0513 30%,
    #7e8b90
  );
  --vp-home-hero-image-background-image: linear-gradient(
    -45deg,
    #bd34fe 50%,
    #47caff 50%
  );
  --vp-home-hero-image-filter: blur(44px);
 }
@media (min-width: 640px) {
  :root {
    --vp-home-hero-image-filter: blur(56px);
  }
 }
@media (min-width: 960px) {
  :root {
    --vp-home-hero-image-filter: blur(68px);
  }
 }
 /**
 * Component: Custom Block
 * -------------------------------------------------------------------------- */
 :root {
  --vp-custom-block-tip-border: transparent;
  --vp-custom-block-tip-text: var(--vp-c-text-1);
  --vp-custom-block-tip-bg: var(--vp-c-brand-soft);
  --vp-custom-block-tip-code-bg: var(--vp-c-brand-soft);
 }
 /**
 * Component: Algolia
 * -------------------------------------------------------------------------- */
 .DocSearch {
  --docsearch-primary-color: var(--vp-c-brand-1) !important;
 }
 .content img {
    padding-left: 20px;
    height: 108px;
 }
@tailwind base;
@tailwind components;
@tailwind utilities;
--- a/docs/administration/fail2ban-setup.md
+++ b/docs/administration/fail2ban-setup.md
@@ -0,0 +1,29 @@
 # Fail2ban setup
 Fail2ban can be used to ban IPs that try to bruteforce the login page.
 Log level must be set at least to `warn`.
 Add this filter in `etc/fail2ban/filter.d/opengist.conf` :
 ```ini
 [Definition]
 failregex =  Invalid .* authentication attempt from <HOST>
 ignoreregex =
 ```
 Add this jail in `etc/fail2ban/jail.d/opengist.conf` :
 ```ini
 [opengist]
 enabled = true
 filter = opengist
 logpath = /home/*/.opengist/log/opengist.log
 maxretry = 10
 findtime = 3600
 bantime = 600
 banaction = iptables-allports
 port = anyport
 ```
 Then run
 ```shell
 service fail2ban restart
 ```
--- a/docs/administration/healthcheck.md
+++ b/docs/administration/healthcheck.md
@@ -0,0 +1,13 @@
 # Healthcheck
 A healthcheck is a simple HTTP GET request to the `/healthcheck` endpoint. It returns a `200 OK` response if the server is healthy.
 ## Example
 ```shell
 curl http://localhost:6157/healthcheck
 ```
 ```json
 {"database":"ok","opengist":"ok","time":"2024-01-04T05:18:33+01:00"}
 ```
--- a/docs/administration/manage-admins.md
+++ b/docs/administration/manage-admins.md
@@ -0,0 +1,11 @@
 # Manage admins
 You can add and remove Opengist admins from the CLI.
 ```bash
 ./opengist admin toggle-admin <username>
 ```
 ```bash
 $ ./opengist admin toggle-admin thomas
 User thomas admin set to true
 ```
--- a/docs/administration/nginx-reverse-proxy.md
+++ b/docs/administration/nginx-reverse-proxy.md
@@ -0,0 +1,46 @@
 # Use Nginx as a reverse proxy
 Configure Nginx to proxy requests to Opengist. Here are example configuration file to use Opengist on a subdomain or on a subpath.
 Make sure you set the base url for Opengist via the [configuration](/docs/configuration/cheat-sheet.md).
 ### Subdomain
 ```
 server {
    listen 80;
    server_name opengist.example.com;
    location / {
        proxy_pass http://127.0.0.1:6157;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
 }
 ```
 ### Subpath
 ```
 server {
    listen 80;
    server_name example.com;
    location /opengist/ {
        rewrite ^/opengist(/.*)$ $1 break;
        proxy_pass http://127.0.0.1:6157;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Prefix /opengist;
    }
 }
 ```
 ---
 To apply changes:
 ```shell
 sudo systemctl restart nginx
 ```
--- a/docs/administration/reset-password.md
+++ b/docs/administration/reset-password.md
@@ -0,0 +1,7 @@
 # Reset a user password
 To reset a user password, run the following command using the Opengist binary:
 ```bash
 ./opengist admin reset-password <username> <new-password>
 ```
--- a/docs/administration/run-with-systemd.md
+++ b/docs/administration/run-with-systemd.md
@@ -0,0 +1,92 @@
 # Run with Systemd
 For non-Docker users, you could run Opengist as a systemd service.
 ## As root
 On Unix distributions with systemd, place the Opengist binary like:
 ```shell
 sudo cp opengist /usr/local/bin
 sudo mkdir -p /var/lib/opengist
 sudo cp config.yml /etc/opengist
 ```
 Edit the Opengist home directory configuration in `/etc/opengist/config.yml` like:
 ```shell
 opengist-home: /var/lib/opengist
 ```
 Create a new user to run Opengist:
 ```shell
 sudo useradd --system opengist
 sudo mkdir -p /var/lib/opengist
 sudo chown -R opengist:opengist /var/lib/opengist
 ```
 Then create a service file at `/etc/systemd/system/opengist.service`:
 ```ini
 [Unit]
 Description=opengist Server
 After=network.target
 [Service]
 Type=simple
 User=opengist
 Group=opengist
 ExecStart=opengist --config /etc/opengist/config.yml
 Restart=on-failure
 [Install]
 WantedBy=multi-user.target
 ```
 Finally, start the service:
 ```shell
 systemctl daemon-reload
 systemctl enable --now opengist
 systemctl status opengist
 ```
 ----
 ## As a normal user
 **NOTE: This was tested on Ubuntu 20.04 and newer. For other distros, please check the respective documentation**  
 #### For the purpose of this documentation, we will assume that:
 - You've followed the instructions on how to run opengist [from source](https://github.com/thomiceli/opengist?tab=readme-ov-file#from-source)
 - Your shell user is named `pastebin`
 - All commands are being executed as the `pastebin` user
 _If none of the above is true, then adapt the commands and paths to fit your needs._
 Enable lingering for the user:
 ```shell
 loginctl enable-linger
 ```
 Create the user systemd folder:
 ```
 mkdir -p /home/pastebin/.config/systemd/user
 ```
 Then create a service file at `/home/pastebin/.config/systemd/user/opengist.service`:
 ```ini
 [Unit]
 Description=opengist Server
 After=network.target
 [Service]
 Type=simple
 ExecStart=/home/pastebin/opengist/opengist --config /home/pastebin/opengist/config.yml
 Restart=on-failure
 [Install]
 WantedBy=default.target
 ```
 Finally, start the service:
 ```shell
 systemctl --user daemon-reload
 systemctl --user enable --now opengist
 systemctl --user status opengist
 ```
--- a/docs/administration/traefik-reverse-proxy.md
+++ b/docs/administration/traefik-reverse-proxy.md
@@ -0,0 +1,48 @@
 # Use Traefik as a reverse proxy
 You can set up Traefik in two ways:
 <details>
 <summary>Using Docker labels</summary>
 Add these labels to your `docker-compose.yml` file:
 ```yml
 labels:
  - traefik.http.routers.opengist.rule=Host(`opengist.example.com`) # Change to your subdomain
  # Uncomment the line below if you run Opengist in a subdirectory
  # - traefik.http.routers.app1.rule=PathPrefix(`/opengist{regex:$$|/.*}`) # Change opentist in the regex to yuor subdirectory name
  - traefik.http.routers.opengist.entrypoints=websecure # Change to the name of your 443 port entrypoint
  - traefik.http.routers.opengist.tls.certresolver=lets-encrypt # Change to certresolver's name
  - traefik.http.routers.opengist.service=opengist
  - traefik.http.services.opengist.loadBalancer.server.port=6157
 ```
 </details>
 <details>
 <summary>Using a <code>yml</code> file</summary>
 > [!Note]
 > Don't forget to change the `<server-address>` to your server's IP
 `traefik_dynamic.yml`
 ```yml
 http:
  routers:
    opengist:
      entrypoints: websecure
      rule: Host(`opengist.example.com`) # Comment this line and uncomment the line below if using a subpath
      # rule: PathPrefix(`/opengist{regex:$$|/.*}`) # Change opentist in the regex to yuor subdirectory name
      # middlewares:
      #   - opengist-fail2ban
      service: opengist
      tls:
        certresolver: lets-encrypt
  services:
    opengist:
      loadbalancer:
        servers:
          - url: "http://<server-address>:6157"
 ```
 </details>
--- a/docs/configuration/admin-panel.md
+++ b/docs/configuration/admin-panel.md
@@ -0,0 +1,53 @@
 # Admin panel
 The first user created on your Opengist instance has access to the Admin panel.
 To access the Admin panel:
 1. Log in
 2. Click your username in the upper right corner
 3. Select `Admin`
 ## Usage
 ### General
 Here you can see some basic information, like Opengist version, alongside some stats.
 You can also start some actions like forcing synchronization of gists,
 starting garbage collection, etc.
 ### Users
 Here you can see your users and delete them.
 ### Gists
 Here you can see all the gists and some basic information about them. You also have an option
 to delete them.
 ### Invitations
 Here you can create invitation links with some options like limiting the number of signed up
 users or setting an expiration date.
 > [!Note]
 > Invitation links override the `Disable signup` option but not the `Disable login form` option.
 >
 > Users will see only the OAuth providers when `Disable login form` is enabled.
 ### Configuration
 Here you can change a limited number of settings without restarting the instance.
 - Disable signup
    - Forbid the creation of new accounts.
 - Require login
    - Enforce users to be logged in to see gists.
 - Allow individual gists without login
    - Allow individual gists to be viewed and downloaded without login, while requiring login for discovering gists.
 - Disable login form
    - Forbid logging in via the login form to force using OAuth providers instead.
 - Disable Gravatar
    - Disable the usage of Gravatar as an avatar provider.
--- a/docs/configuration/cheat-sheet.md
+++ b/docs/configuration/cheat-sheet.md
@@ -0,0 +1,43 @@
 ---
 aside: false
 ---
 # Configuration Cheat Sheet
 | YAML Config Key       | Environment Variable                | Default value         | Description                                                                                                                                                                                                                      |
 |-----------------------|-------------------------------------|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | log-level             | OG_LOG_LEVEL                        | `warn`                | Set the log level to one of the following: `debug`, `info`, `warn`, `error`, `fatal`.                                                                                                                                            |
 | log-output            | OG_LOG_OUTPUT                       | `stdout,file`         | Set the log output to one or more of the following: `stdout`, `file`.                                                                                                                                                            |
 | external-url          | OG_EXTERNAL_URL                     | none                  | Public URL to access to Opengist.                                                                                                                                                                                                |
 | opengist-home         | OG_OPENGIST_HOME                    | home directory        | Path to the directory where Opengist stores its data.                                                                                                                                                                            |
 | secret-key            | OG_SECRET_KEY                       | randomized 32 bytes   | Secret key used for session store & encrypt MFA data on database.                                                                                                                                                                |
 | db-uri                | OG_DB_URI                           | `opengist.db`         | URI of the database.                                                                                                                                                                                                             |
 | index.enabled         | OG_INDEX_ENABLED                    | `true`                | Enable or disable the code search index (`true` or `false`)                                                                                                                                                                      |
 | index.dirname         | OG_INDEX_DIRNAME                    | `opengist.index`      | Name of the directory where the code search index is stored.                                                                                                                                                                     |
 | git.default-branch    | OG_GIT_DEFAULT_BRANCH               | none                  | Default branch name used by Opengist when initializing Git repositories. If not set, uses the Git default branch name. More info [here](https://git-scm.com/book/en/v2/Getting-Started-First-Time-Git-Setup#_new_default_branch) |
 | sqlite.journal-mode   | OG_SQLITE_JOURNAL_MODE              | `WAL`                 | Set the journal mode for SQLite. More info [here](https://www.sqlite.org/pragma.html#pragma_journal_mode)                                                                                                                        |
 | http.host             | OG_HTTP_HOST                        | `0.0.0.0`             | The host on which the HTTP server should bind.                                                                                                                                                                                   |
 | http.port             | OG_HTTP_PORT                        | `6157`                | The port on which the HTTP server should listen.                                                                                                                                                                                 |
 | http.git-enabled      | OG_HTTP_GIT_ENABLED                 | `true`                | Enable or disable git operations (clone, pull, push) via HTTP. (`true` or `false`)                                                                                                                                               |
 | ssh.git-enabled       | OG_SSH_GIT_ENABLED                  | `true`                | Enable or disable git operations (clone, pull, push) via SSH. (`true` or `false`)                                                                                                                                                |
 | ssh.host              | OG_SSH_HOST                         | `0.0.0.0`             | The host on which the SSH server should bind.                                                                                                                                                                                    |
 | ssh.port              | OG_SSH_PORT                         | `2222`                | The port on which the SSH server should listen.                                                                                                                                                                                  |
 | ssh.external-domain   | OG_SSH_EXTERNAL_DOMAIN              | none                  | Public domain for the Git SSH connection, if it has to be different from the HTTP one. If not set, uses the URL from the request.                                                                                                |
 | ssh.keygen-executable | OG_SSH_KEYGEN_EXECUTABLE            | `ssh-keygen`          | Path to the SSH key generation executable.                                                                                                                                                                                       |
 | github.client-key     | OG_GITHUB_CLIENT_KEY                | none                  | The client key for the GitHub OAuth application.                                                                                                                                                                                 |
 | github.secret         | OG_GITHUB_SECRET                    | none                  | The secret for the GitHub OAuth application.                                                                                                                                                                                     |
 | gitlab.client-key     | OG_GITLAB_CLIENT_KEY                | none                  | The client key for the GitLab OAuth application.                                                                                                                                                                                 |
 | gitlab.secret         | OG_GITLAB_SECRET                    | none                  | The secret for the GitLab OAuth application.                                                                                                                                                                                     |
 | gitlab.url            | OG_GITLAB_URL                       | `https://gitlab.com/` | The URL of the GitLab instance.                                                                                                                                                                                                  |
 | gitlab.name           | OG_GITLAB_NAME                      | `GitLab`              | The name of the GitLab instance. It is displayed in the OAuth login button.                                                                                                                                                      |
 | gitea.client-key      | OG_GITEA_CLIENT_KEY                 | none                  | The client key for the Gitea OAuth application.                                                                                                                                                                                  |
 | gitea.secret          | OG_GITEA_SECRET                     | none                  | The secret for the Gitea OAuth application.                                                                                                                                                                                      |
 | gitea.url             | OG_GITEA_URL                        | `https://gitea.com/`  | The URL of the Gitea instance.                                                                                                                                                                                                   |
 | gitea.name            | OG_GITEA_NAME                       | `Gitea`               | The name of the Gitea instance. It is displayed in the OAuth login button.                                                                                                                                                       |
 | oidc.client-key       | OG_OIDC_CLIENT_KEY                  | none                  | The client key for the OpenID application.                                                                                                                                                                                       |
 | oidc.secret           | OG_OIDC_SECRET                      | none                  | The secret for the OpenID application.                                                                                                                                                                                           |
 | oidc.discovery-url    | OG_OIDC_DISCOVERY_URL               | none                  | Discovery endpoint of the OpenID provider.                                                                                                                                                                                       |
 | custom.name           | OG_CUSTOM_NAME                      | none                  | The name of your instance, to be displayed in the tab title                                                                                                                                                                      |
 | custom.logo           | OG_CUSTOM_LOGO                      | none                  | Path to an image, relative to $opengist-home/custom.                                                                                                                                                                             |
 | custom.favicon        | OG_CUSTOM_FAVICON                   | none                  | Path to an image, relative to $opengist-home/custom.                                                                                                                                                                             |
 | custom.static-links   | OG_CUSTOM_STATIC_LINK_#_(PATH,NAME) | none                  | Path and name to custom links, more info [here](custom-links.md).                                                                                                                                                                |
--- a/docs/configuration/configure.md
+++ b/docs/configuration/configure.md
@@ -0,0 +1,72 @@
 # Configuration
 Opengist provides flexible configuration options through either a YAML file and/or environment variables.
 You would only need to specify the configuration options you want to change — for any config option left untouched, 
 Opengist will simply apply the default values.
 The [configuration cheat sheet](cheat-sheet.md) lists all available configuration options.
 ## Configuration via YAML file
 The configuration file must be specified when launching the application, using the `--config` flag followed by the path 
 to your YAML file.
 Usage with Docker Compose :
 ```yml
 services:
  opengist:
    # ...
    volumes:
    # ...
    - "/path/to/config.yml:/config.yml"
 ```
 Usage via command line :
 ```shell
 ./opengist --config /path/to/config.yml
 ```
 You can start by copying and/or modifying the provided [config.yml](https://github.com/thomiceli/opengist/blob/stable/config.yml) file.
 ## Configuration via Environment Variables
 Usage with Docker Compose :
 ```yml
 services:
  opengist:
    # ...
    environment:
      OG_LOG_LEVEL: "info"
      # etc.
 ```
 Usage via command line :
 ```shell
 OG_LOG_LEVEL=info ./opengist
 ```
 ### Using Docker Compose secrets
 You can use Docker Compose secrets to not expose sensitive information in your compose file, using a `.env` file.
 ```dotenv
 # file secrets.env
 OG_GITLAB_CLIENT_KEY=your_gitlab_client_key
 OG_GITLAB_SECRET=your_gitlab_secret_key
 ```
 And then use it in your compose file :
 ```yml
 services:
  opengist:
    # ...
    secrets:
      - opengist_secrets
 secrets:
  opengist_secrets:
    file: ./secrets.env
 ```
--- a/docs/configuration/custom-assets.md
+++ b/docs/configuration/custom-assets.md
@@ -0,0 +1,45 @@
 # Custom assets
 To add custom assets to your Opengist instance, you can use the `$opengist-home/custom` directory (where `$opengist-home` is the directory where Opengist stores its data).
 ### Logo / Favicon
 To add a custom logo or favicon, you can add your own image file to the `$opengist-home/custom` directory, then define the relative path in the config.
 For example, if you have a logo file `logo.png` in the `$opengist-home/custom` directory, you can set the logo path in the config as follows:
 #### YAML
 ```yaml
 custom.logo: logo.png
 ```
 #### Environment variable
 ```sh
 export OG_CUSTOM_LOGO=logo.png
 ```
 Same as the favicon:
 #### YAML
 ```yaml
 custom.favicon: favicon.png
 ```
 #### Environment variable
 ```sh
 export OG_CUSTOM_FAVICON=favicon.png
 ```
 ### Instance Name
 It is also possible to set a name for your instance, that would be displayed in the title bar instead of 'Opengist'.
 #### YAML
 ```yaml
 custom.name: My Gists
 ```
 #### Environment variable
 ```sh
 export OG_CUSTOM_NAME="My Gists"
 ```
--- a/docs/configuration/custom-links.md
+++ b/docs/configuration/custom-links.md
@@ -0,0 +1,62 @@
 # Custom links
 On the footer of your Opengist instance, you can add links to custom static templates or any other website you want to link to.
 This can be useful for legal information, privacy policy, or any other information you want to provide to your users.
 To add one or more links, you can add your own file to the `$opengist-home/custom` directory or set a URL, then define the relative path and its name in the config.
 For example, if you have a legal information file `legal.html` in the `$opengist-home/custom` directory, and also wish to add a link to a Gitea instance, you can set the link in the config as follows:
 #### YAML
 ```yaml
 custom.static-links:
  - name: Legal notices
    path: legal.html
  - name: Gitea
    path: https://gitea.com
 ```
 #### Environment variable
 ```sh
 OG_CUSTOM_STATIC_LINK_0_NAME="Legal Notices" \
 OG_CUSTOM_STATIC_LINK_0_PATH=legal.html \
 OG_CUSTOM_STATIC_LINK_1_NAME=Gitea \
 OG_CUSTOM_STATIC_LINK_1_PATH=https://gitea.com \
 ./opengist
 ```
 ## Templating custom HTML pages
 In the start and end of the custom HTML files, you can use the syntax to include the header and footer of the Opengist instance:
 ```html
 {{ template "header" . }}
 <!-- my content -->
 {{ template "footer" . }}
 ```
 If you want your custom page to integrate well into the existing theme, you can use the following:
 ```html
 {{ template "header" . }}
 <div class="py-10">
   <header class="pb-4 ">
      <div class="flex">
         <div class="flex-auto">
            <h2 class="text-2xl font-bold leading-tight">Heading</h2>
         </div>
      </div>
   </header>
   <main>
     <h3 class="text-xl font-bold leading-tight mt-4">Sub-Heading</h3>
     <p class="mt-4 ml-1"><!-- my content --></p>
   </main>
 </div>
 {{ template "footer" . }}
 ```
 You can adjust above as needed. Opengist uses TailwindCSS classes.
--- a/docs/configuration/databases/mysql.md
+++ b/docs/configuration/databases/mysql.md
@@ -0,0 +1,47 @@
 # Using MySQL/MariaDB
 To use MySQL/MariaDB as the database backend, you need to set the database URI configuration to the connection string of your MySQL/MariaDB database with this format :
 `mysql://<user>:<password>@<host>:<port>/<database>`
 #### YAML
 ```yaml
 # Example
 db-uri: mysql://root:passwd@localhost:3306/opengist_db
 ```
 #### Environment variable
 ```sh
 # Example
 OG_DB_URI=mysql://root:passwd@localhost:3306/opengist_db
 ```
 ### Docker Compose
 ```yml
 services:
  opengist:
    image: ghcr.io/thomiceli/opengist:1
    container_name: opengist
    restart: unless-stopped
    depends_on:
      - mysql
    ports:
      - "6157:6157"
      - "2222:2222"
    volumes:
      - "$HOME/.opengist:/opengist"
    environment:
      OG_DB_URI: mysql://opengist:secret@mysql:3306/opengist_db
      # other configuration options
  mysql:
    image: mysql:8.4
    restart: unless-stopped
    volumes:
      - "./opengist-database:/var/lib/mysql"
    environment:
      MYSQL_USER: opengist
      MYSQL_PASSWORD: secret
      MYSQL_DATABASE: opengist_db
      MYSQL_ROOT_PASSWORD: rootsecret
 ```
--- a/docs/configuration/databases/postgresql.md
+++ b/docs/configuration/databases/postgresql.md
@@ -0,0 +1,46 @@
 # Using PostgreSQL
 To use PostgreSQL as the database backend, you need to set the database URI configuration to the connection string of your PostgreSQL database with this format :
 `postgres://<user>:<password>@<host>:<port>/<database>`
 #### YAML
 ```yaml
 # Example
 db-uri: postgres://postgres:passwd@localhost:5432/opengist_db
 ```
 #### Environment variable
 ```sh
 # Example
 OG_DB_URI=postgres://postgres:passwd@localhost:5432/opengist_db
 ```
 ### Docker Compose
 ```yml
 services:
  opengist:
    image: ghcr.io/thomiceli/opengist:1
    container_name: opengist
    restart: unless-stopped
    depends_on:
      - postgres
    ports:
      - "6157:6157"
      - "2222:2222"
    volumes:
      - "$HOME/.opengist:/opengist"
    environment:
      OG_DB_URI: postgres://opengist:secret@postgres:5432/opengist_db
      # other configuration options
  postgres:
    image: postgres:16.4
    restart: unless-stopped
    volumes:
      - "./opengist-database:/var/lib/postgresql/data"
    environment:
      POSTGRES_USER: opengist
      POSTGRES_PASSWORD: secret
      POSTGRES_DB: opengist_db
 ```
--- a/docs/configuration/databases/sqlite.md
+++ b/docs/configuration/databases/sqlite.md
@@ -0,0 +1,44 @@
 # Using SQLite
 By default, Opengist uses SQLite as the database backend.
 Because SQLite is a file-based database, there is not much configuration to tweak.
 The configuration `db-uri`/`OG_DB_URI` refers to the path of the SQLite database file relative in the `$opengist-home/` directory (default `opengist.db`),
 although it can be left untouched. You can also use an absolute path outside the `$opengist-home/` directory.
 The SQLite journal mode is set to [`WAL` (Write-Ahead Logging)](https://www.sqlite.org/pragma.html#pragma_journal_mode) by default and can be changed.
 #### YAML
 ```yaml
 # default
 db-uri: opengist.db
 sqlite.journal-mode: WAL
 # absolute path outside the $opengist-home/ directory
 db-uri: file:/home/user/opengist.db
 ```
 #### Environment variable
 ```sh
 # default
 OG_DB_URI=opengist.db
 OG_SQLITE_JOURNAL_MODE=WAL
 ```
 ### Docker Compose
 ```yml
 services:
  opengist:
    image: ghcr.io/thomiceli/opengist:1
    container_name: opengist
    restart: unless-stopped
    ports:
      - "6157:6157" # HTTP port
      - "2222:2222" # SSH port, can be removed if you don't use SSH
    volumes:
      - "$HOME/.opengist:/opengist"
    environment:
      OG_SQLITE_JOURNAL_MODE: WAL
      # other configuration options
 ```
--- a/docs/configuration/oauth-providers.md
+++ b/docs/configuration/oauth-providers.md
@@ -0,0 +1,77 @@
 # Use OAuth providers
 Opengist can be configured to use OAuth to authenticate users, with GitHub, Gitea, or OpenID Connect.
 ## GitHub
 * Add a new OAuth app in your [GitHub account settings](https://github.com/settings/applications/new)
 * Set 'Authorization callback URL' to `http://opengist.url/oauth/github/callback`
 * Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
  ```yaml
  github.client-key: <key>
  github.secret: <secret>
  ```
  ```shell
  OG_GITHUB_CLIENT_KEY=<key>
  OG_GITHUB_SECRET=<secret>
  ```
 ## GitLab
 * Add a new OAuth app in Application settings from the [GitLab instance](https://gitlab.com/-/user_settings/applications)
 * Set 'Redirect URI' to `http://opengist.url/oauth/gitlab/callback`
 * Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
  ```yaml
  gitlab.client-key: <key>
  gitlab.secret: <secret>
  # URL of the GitLab instance. Default: https://gitlab.com/
  gitlab.url: https://gitlab.com/
  ```
  ```shell
  OG_GITLAB_CLIENT_KEY=<key>
  OG_GITLAB_SECRET=<secret>
  # URL of the GitLab instance. Default: https://gitlab.com/
  OG_GITLAB_URL=https://gitlab.com/
  ```
 ## Gitea
 * Add a new OAuth app in Application settings from the [Gitea instance](https://gitea.com/user/settings/applications)
 * Set 'Redirect URI' to `http://opengist.url/oauth/gitea/callback`
 * Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
  ```yaml
  gitea.client-key: <key>
  gitea.secret: <secret>
  # URL of the Gitea instance. Default: https://gitea.com/
  gitea.url: http://localhost:3000
  ```
  ```shell
  OG_GITEA_CLIENT_KEY=<key>
  OG_GITEA_SECRET=<secret>
  # URL of the Gitea instance. Default: https://gitea.com/
  OG_GITEA_URL=http://localhost:3000
  ```
 ## OpenID Connect
 * Add a new OAuth app in Application settings of your OIDC provider
 * Set 'Redirect URI' to `http://opengist.url/oauth/openid-connect/callback`
 * Copy the 'Client ID', 'Client Secret', and the discovery endpoint, and add them to the [configuration](cheat-sheet.md) :
  ```yaml
  oidc.client-key: <key>
  oidc.secret: <secret>
  # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
  oidc.discovery-url: http://auth.example.com/.well-known/openid-configuration
  ```
  ```shell
  OG_OIDC_CLIENT_KEY=<key>
  OG_OIDC_SECRET=<secret>
  # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
  OG_OIDC_DISCOVERY_URL=http://auth.example.com/.well-known/openid-configuration
  ```
--- a/docs/contributing/community.md
+++ b/docs/contributing/community.md
@@ -0,0 +1,6 @@
 # Community
 The following is a list of resources made by happy users of Opengist. Feel free to make a PR add your own!
 - [Aetherinox/opengist-debian](https://github.com/Aetherinox/opengist-debian) - A Debian package for Opengist
 - [How to Install Opengist on Your Synology NAS](https://mariushosting.com/how-to-install-opengist-on-your-synology-nas/) - A guide to install Opengist on a Synology NAS
--- a/docs/contributing/development.md
+++ b/docs/contributing/development.md
@@ -0,0 +1,38 @@
 # Run Opengist in development mode
 ## With Docker
 Assuming you have [Make](https://linux.die.net/man/1/make) installed,
 ```shell
 # Clone the repository
 git clone git@github.com:thomiceli/opengist.git
 cd opengist
 # Build the development image
 make build_dev_docker
 ```
 Now you can run the development image with the following command:
 ```shell
 make run_dev_docker
 ```
 Opengist is now running on port 6157, you can browse http://localhost:6157
 ## As a binary
 Requirements:
 * [Git](https://git-scm.com/downloads) (2.28+)
 * [Go](https://go.dev/doc/install) (1.23+)
 * [Node.js](https://nodejs.org/en/download/) (16+)
 * [Make](https://linux.die.net/man/1/make) (optional, but easier)
 ```shell
 git clone git@github.com:thomiceli/opengist.git
 cd opengist
 make watch
 ```
 Opengist is now running on port 6157, you can browse http://localhost:6157
--- a/docs/index.md
+++ b/docs/index.md
@@ -0,0 +1,4 @@
 ---
 layout: home
 navbar: false
 ---
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -0,0 +1,7 @@
 # Install Opengist
 There are several ways to install Opengist, depending on your preferences and your environment.
 - [Docker](installation/docker.md)
 - [Source](installation/source.md)
 - [Binary](installation/binary.md)
--- a/docs/installation/binary.md
+++ b/docs/installation/binary.md
@@ -0,0 +1,14 @@
 # Install from binary
 Download the archive for your system from the release page [here](https://github.com/thomiceli/opengist/releases/latest), and extract it.
 ```shell
 # example for linux amd64
 wget https://github.com/thomiceli/opengist/releases/download/v1.9.0/opengist1.9.0-linux-amd64.tar.gz
 tar xzvf opengist1.9.0-linux-amd64.tar.gz
 cd opengist
 chmod +x opengist
 ./opengist # with or without `--config config.yml`
 ```
--- a/docs/installation/docker.md
+++ b/docs/installation/docker.md
@@ -0,0 +1,41 @@
 # Install with Docker
 Docker [images](https://github.com/thomiceli/opengist/pkgs/container/opengist) are available for each release :
 ```shell
 docker pull ghcr.io/thomiceli/opengist:1
 ```
 It can be used in a `docker-compose.yml` file :
 1. Create a `docker-compose.yml` file with the following content
 2. Run `docker compose up -d`
 3. Opengist is now running on port 6157, you can browse http://localhost:6157
 ```yml
 services:
  opengist:
    image: ghcr.io/thomiceli/opengist:1
    container_name: opengist
    restart: unless-stopped
    ports:
      - "6157:6157" # HTTP port
      - "2222:2222" # SSH port, can be removed if you don't use SSH
    volumes:
      - "$HOME/.opengist:/opengist"
    environment:
      # OG_LOG_LEVEL: info
      # other configuration options
 ```
 You can define which user/group should run the container and own the files by setting the `UID` and `GID` environment
 variables :
 ```yml
 services:
  opengist:
    # ...
    environment:
      UID: 1001
      GID: 1001
 ```
--- a/docs/installation/source.md
+++ b/docs/installation/source.md
@@ -0,0 +1,19 @@
 # Installation from source
 Requirements:
 * [Git](https://git-scm.com/downloads) (2.28+)
 * [Go](https://go.dev/doc/install) (1.23+)
 * [Node.js](https://nodejs.org/en/download/) (16+)
 * [Make](https://linux.die.net/man/1/make) (optional, but easier)
 ```shell
 git clone https://github.com/thomiceli/opengist
 cd opengist
 git checkout v1.9.0 # optional, to checkout the latest release
 make
 ./opengist
 ```
 Opengist is now running on port 6157, you can browse http://localhost:6157
--- a/docs/introduction.md
+++ b/docs/introduction.md
@@ -0,0 +1,56 @@
 # Opengist
 <img height="108px" src="https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg" alt="Opengist" align="right" />
 Opengist is a **self-hosted** pastebin **powered by Git**. All snippets are stored in a Git repository and can be
 read and/or modified using standard Git commands, or with the web interface. 
 It is similiar to [GitHub Gist](https://gist.github.com/), but open-source and could be self-hosted.
 Written in [Go](https://go.dev), Opengist aims to be fast and easy to deploy.
 ## Features
 * Create public, unlisted or private snippets
 * [Init](usage/init-via-git.md) / Clone / Pull / Push snippets **via Git** over HTTP or SSH
 * Syntax highlighting ; markdown & CSV support
 * Search code in snippets ; browse users snippets, likes and forks
 * Add topics to snippets
 * Embed snippets in other websites
 * Revisions history
 * Like / Fork snippets
 * Editor with indentation mode & size ; drag and drop files
 * Download raw files or as a ZIP archive
 * Retrieve snippet data/metadata via a JSON API
 * OAuth2 login with GitHub, GitLab, Gitea, and OpenID Connect
 * Avatars via Gravatar or OAuth2 providers
 * Light/Dark mode
 * Responsive UI
 * Enable or disable signups
 * Restrict or unrestrict snippets visibility to anonymous users
 * Admin panel : 
  * delete users/gists; 
  * clean database/filesystem by syncing gists
  * run `git gc` for all repositories
 * SQLite/PostgreSQL/MySQL database
 * Logging
 * Docker support
 ## System requirements
 [Git](https://git-scm.com/download) is obviously required to run Opengist, as it's the main feature of the app.
 Version **2.28** or later is recommended as the app has not been tested with older Git versions and some features would not work.
 [OpenSSH](https://www.openssh.com/) suite if you wish to use Git over SSH.
 ## Components
 * Backend Web Framework: [Echo](https://echo.labstack.com/)
 * ORM: [GORM](https://gorm.io/)
 * Frontend libraries:
  * [TailwindCSS](https://tailwindcss.com/)
  * [CodeMirror](https://codemirror.net/)
  * [Day.js](https://day.js.org/)
  * and [others](/package.json)
--- a/docs/public/favicon.svg
+++ b/docs/public/favicon.svg
@@ -0,0 +1,17 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Generator: Adobe Illustrator 27.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
 <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 500 500" style="enable-background:new 0 0 500 500;" xml:space="preserve">
 <style type="text/css">
 	.st0{fill:#FFFFFF;}
 </style>
 <g id="document" transform="scale(1.6666666666666667 1.6666666666666667) translate(150.0 150.0)">
 	<path class="st0" d="M131.3,24.3c13.7-71-33.9-139.5-106.4-152.9C-47.7-142-117.6-95.3-131.3-24.3s33.9,139.5,106.4,152.9   C47.7,142,117.6,95.3,131.3,24.3z"/>
 	<path class="st0" d="M128.9,0c0,55.7-36.8,103-88,119.8c0.2-1.2,0.3-2.5,0.3-4c0.1-22.3,0.2-36.2,0.2-52.8   c0-11.7-0.2-18.1-0.2-18.1c1.8,0,21.1-6,29.9-12.1S89.2,15.1,90.5-1.4c1.3-16.6-6-36.2-12.4-47.8C65.3-72.4,54.7-86.6,45.4-94.5   c-9.3-7.8-16.1-6.1-22.1-1.4S8.5-76.9,2.2-71.2c-3,2.8-10.6,12-20.4,3.3C-21-70.3-38-93.6-48.5-90.6c-13.1,3.7-28.1,27.3-35.1,43.8   c-9,21-10.8,33.6-6.1,63.5c4.7,29.9,7.5,60,11.8,76.4c1,4,2.3,7.4,4,10.4c-33.2-22.8-55-60.7-55-103.5   c0-69.7,57.7-126.3,128.9-126.3S128.9-69.7,128.9,0z"/>
 	<path d="M0-145c-81.8,0-148.1,64.9-148.1,145S-81.8,145,0,145S148.1,80.1,148.1,0S81.8-145,0-145z M40.9,119.8   c0.2-1.2,0.3-2.5,0.3-4c0.1-22.3,0.2-36.2,0.2-52.8c0-11.7-0.2-18.1-0.2-18.1c1.8,0,21.1-6,29.9-12.1S89.2,15.1,90.5-1.4   c1.3-16.6-6-36.2-12.4-47.8C65.3-72.4,54.7-86.6,45.4-94.5c-9.3-7.8-16.1-6.1-22.1-1.4S8.5-76.9,2.2-71.2c-3,2.8-10.6,12-20.4,3.3   C-21-70.3-38-93.6-48.5-90.6c-13.1,3.7-28.1,27.3-35.1,43.8c-9,21-10.8,33.6-6.1,63.5c4.7,29.9,7.5,60,11.8,76.4   c1,4,2.3,7.4,4,10.4c-33.2-22.8-55-60.7-55-103.5c0-69.7,57.7-126.3,128.9-126.3S128.9-69.7,128.9,0   C128.9,55.7,92.1,103,40.9,119.8z"/>
 	<path class="st0" d="M-102.8-7.2l91.2-9.4l-0.3-7l-91.2,9.4L-102.8-7.2z"/>
 	<path class="st0" d="M12-17.3c0.8-9.6-6.5-18-16.3-18.8s-18.4,6.4-19.2,16S-17-2.1-7.2-1.3S11.2-7.7,12-17.3z"/>
 	<path class="st0" d="M62.9-24.6c0.8-9.6-6.5-18-16.3-18.8c-9.8-0.8-18.4,6.4-19.2,16c-0.8,9.6,6.5,18,16.3,18.8S62.1-15,62.9-24.6z   "/>
 	<path class="st0" d="M-11.8-16.8l67.6-7.3l-0.5-6.3l-67.5,7.3L-11.8-16.8z"/>
 	<path class="st0" d="M53.1-23.6l49.5-12.2l-0.6-6.3L52.5-29.9L53.1-23.6z"/>
 </g>
 </svg>
--- a/docs/public/opengist-demo.png
+++ b/docs/public/opengist-demo.png
--- a/docs/update.md
+++ b/docs/update.md
@@ -0,0 +1,58 @@
 # Update Opengist
 ## Make a backup
 Before updating, always make sure to backup the Opengist home directory, where all the data is stored. 
 You can do so by copying the `~/.opengist` directory (default location).
 ```shell
 cp -r ~/.opengist ~/.opengist.bak
 ```
 ## Install the new version
 ### With Docker
 Pull the last version of Opengist
 ```shell
 docker pull ghcr.io/thomiceli/opengist:1
 ```
 And restart the container, using `docker compose up -d` for example if you use docker compose.
 ### Via binary
 Stop the running instance; then like your first installation of Opengist, download the archive for your system from the release page [here](https://github.com/thomiceli/opengist/releases/latest), and extract it.
 ```shell
 # example for linux amd64
 wget https://github.com/thomiceli/opengist/releases/download/v1.9.0/opengist1.9.0-linux-amd64.tar.gz
 tar xzvf opengist1.9.0-linux-amd64.tar.gz
 cd opengist
 chmod +x opengist
 ./opengist # with or without `--config config.yml`
 ```
 ### From source
 Stop the running instance; then pull the last changes from the master branch, and build the new version.
 ```shell
 git switch master
 git pull
 make
 ./opengist
 ```
 ## Restore the backup
 If you have any issue with the new version, you can restore the backup you made before updating.
 ```shell
 rm -rf ~/.opengist
 cp -r ~/.opengist.bak ~/.opengist
 ```
 Then run the old version of Opengist again.
--- a/docs/usage/embed.md
+++ b/docs/usage/embed.md
@@ -0,0 +1,11 @@
 # Embed a Gist to your webpage
 To embed a Gist to your webpage, you can add a script tag with the URL of your gist followed by `.js` to your HTML page:
 ```html
 <script src="http://opengist.url/user/gist-url.js"></script>
 <!-- Dark mode: -->
 <script src="http://opengist.url/user/gist-url.js?dark"></script>
 ```
--- a/docs/usage/gist-json.md
+++ b/docs/usage/gist-json.md
@@ -0,0 +1,37 @@
 # Retrieve Gist as JSON
 To retrieve a Gist as JSON, you can add `.json` to the end of the URL of your gist:
 ```shell
 curl http://opengist.url/thomas/my-gist.json | jq '.'
 ```
 It returns a JSON object with the following structure similar to this one:
 ```json
 {
  "created_at": "2023-04-12T13:15:20+02:00",
  "description": "",
  "embed": {
    "css": "http://localhost:6157/assets/embed-94abc261.css",
    "html": "<div class=\"opengist-embed\" id=\"my-gist\">\n    <div class=\"html \">\n    \n        <div class=\"rounded-md border-1 border-gray-100 dark:border-gray-800 overflow-auto mb-4\">\n            <div class=\"border-b-1 border-gray-100 dark:border-gray-700 text-xs p-2 pl-4 bg-gray-50 dark:bg-gray-800 text-gray-400\">\n                <a target=\"_blank\" href=\"http://localhost:6157/thomas/my-gist#file-hello-md\"><span class=\"font-bold text-gray-700 dark:text-gray-200\">hello.md</span> · 21 B · Markdown</a>\n                <span class=\"float-right\"><a target=\"_blank\" href=\"http://localhost:6157\">Hosted via Opengist</a> · <span class=\"text-gray-700 dark:text-gray-200 font-bold\"><a target=\"_blank\" href=\"http://localhost:6157/thomas/my-gist/raw/HEAD/hello.md\">view raw</a></span></span>\n            </div>\n            \n            \n            \n            <div class=\"chroma markdown markdown-body p-8\"><h1>Welcome to Opengist</h1>\n</div>\n            \n\n        </div>\n    \n    </div>\n</div>\n",
    "js": "http://localhost:6157/thomas/my-gist.js",
    "js_dark": "http://localhost:6157/thomas/my-gist.js?dark"
  },
  "files": [
    {
      "filename": "hello.md",
      "size": 21,
      "human_size": "21 B",
      "content": "# Welcome to Opengist",
      "truncated": false,
      "type": "Markdown"
    }
  ],
  "id": "my-gist",
  "owner": "thomas",
  "title": "hello.md",
  "uuid": "8622b297bce54b408e36d546cef8019d",
  "visibility": "public"
 }
 ```
--- a/docs/usage/git-push-options.md
+++ b/docs/usage/git-push-options.md
@@ -0,0 +1,32 @@
 # Push Options
 Opengist has support for a few [Git push options](https://git-scm.com/docs/git-push#Documentation/git-push.txt--oltoptiongt). 
 These options are passed to `git push` command and can be used to change the metadata of a gist.
 ## Set URL
 ```shell
 git push -o url=mygist # Will set the URL to https://opengist.example.com/user/mygist
 ```
 ## Change title
 ```shell
 git push -o title=Gist123
 git push -o title="My Gist 123"
 ```
 ## Change description
 ```shell
 git push -o description="This is my gist description"
 ```
 ## Change visibility
 ```shell
 git push -o visibility=public
 git push -o visibility=unlisted
 git push -o visibility=private
 ```
--- a/docs/usage/import-from-github-gist.md
+++ b/docs/usage/import-from-github-gist.md
@@ -0,0 +1,23 @@
 # Import Gists from GitHub
 After running Opengist at least once, you can import your Gists from GitHub using this script:
 ```shell
 github_user=user # replace with your GitHub username
 opengist_url="http://user:password@opengist.url/init" # replace user, password and Opengist url
 curl -s https://api.github.com/users/"$github_user"/gists?per_page=100 | jq '.[] | .git_pull_url' -r | while read url; do 
    git clone "$url"
    repo_dir=$(basename "$url" .git)
    # Add remote, push, and remove the directory
    if [ -d "$repo_dir" ]; then
        cd "$repo_dir"
        git remote add gist "$opengist_url"
        git push -u gist --all
        cd ..
        rm -rf "$repo_dir"
    fi
 done
 ```
--- a/docs/usage/init-via-git.md
+++ b/docs/usage/init-via-git.md
@@ -0,0 +1,42 @@
 # Init Gists via Git
 Opengist allows you to create new snippets via Git over HTTP.
 Simply init a new Git repository where your file(s) is/are located:
 ```shell
 git init
 git add .
 git commit -m "My cool snippet"
 ```
 Then add this Opengist special remote URL and push your changes:
 ```shell
 git remote add origin http://localhost:6157/init
 git push -u origin master
 ```
 Log in with your Opengist account credentials, and your snippet will be created at the specified URL:
 ```shell
 Username for 'http://localhost:6157': thomas
 Password for 'http://thomas@localhost:6157':
 Enumerating objects: 3, done.
 Counting objects: 100% (3/3), done.
 Delta compression using up to 8 threads
 Compressing objects: 100% (2/2), done.
 Writing objects: 100% (3/3), 416 bytes | 416.00 KiB/s, done.
 Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
 remote:
 remote: Your new repository has been created here: http://localhost:6157/thomas/6051e930f140429f9a2f3bb1fa101066
 remote:
 remote: If you want to keep working with your gist, you could set the remote URL via:
 remote: git remote set-url origin http://localhost:6157/thomas/6051e930f140429f9a2f3bb1fa101066
 remote:
 To http://localhost:6157/init
 * [new branch]      master -> master
 ```
 <video controls="controls" src="https://github.com/thomiceli/opengist/assets/27960254/3fe1a0ba-b638-4928-83a1-f38e46fea066" />
--- a/fs_embed.go
+++ b/fs_embed.go
@@ -1,8 +0,0 @@
 //go:build fs_embed
 package main
 import "embed"
 //go:embed templates/*/*.html public/manifest.json public/assets/*.js public/assets/*.css public/assets/*.svg public/assets/*.png
 var dirFS embed.FS
--- a/fs_os.go
+++ b/fs_os.go
@@ -1,7 +0,0 @@
 //go:build !fs_embed
 package main
 import "os"
 var dirFS = os.DirFS(".")
--- a/go.mod
+++ b/go.mod
@@ -1,42 +1,112 @@
 module github.com/thomiceli/opengist
-go 1.19
+go 1.23
 require (
-	github.com/go-playground/validator/v10 v10.11.0
+	github.com/Kunde21/markdownfmt/v3 v3.1.0
-	github.com/google/uuid v1.3.0
+	github.com/alecthomas/chroma/v2 v2.14.0
-	github.com/gorilla/sessions v1.2.1
+	github.com/blevesearch/bleve/v2 v2.4.3
-	github.com/labstack/echo/v4 v4.10.0
+	github.com/dustin/go-humanize v1.0.1
-	github.com/markbates/goth v1.77.0
+	github.com/glebarez/sqlite v1.11.0
-	github.com/mattn/go-sqlite3 v1.14.13
+	github.com/go-playground/validator/v10 v10.23.0
-	github.com/rs/zerolog v1.29.0
+	github.com/go-webauthn/webauthn v0.11.2
-	golang.org/x/crypto v0.2.0
+	github.com/google/uuid v1.6.0
-	golang.org/x/text v0.7.0
+	github.com/gorilla/schema v1.4.1
 	github.com/gorilla/securecookie v1.1.2
 	github.com/gorilla/sessions v1.4.0
 	github.com/labstack/echo/v4 v4.12.0
 	github.com/markbates/goth v1.80.0
 	github.com/pquerna/otp v1.4.0
 	github.com/rs/zerolog v1.33.0
 	github.com/stretchr/testify v1.10.0
 	github.com/urfave/cli/v2 v2.27.5
 	github.com/yuin/goldmark v1.7.8
 	github.com/yuin/goldmark-emoji v1.0.4
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
 	go.abhg.dev/goldmark/mermaid v0.5.0
 	golang.org/x/crypto v0.29.0
 	golang.org/x/text v0.20.0
 	gopkg.in/yaml.v3 v3.0.1
-	gorm.io/driver/sqlite v1.3.2
+	gorm.io/driver/mysql v1.5.7
-	gorm.io/gorm v1.23.5
+	gorm.io/driver/postgres v1.5.10
 	gorm.io/gorm v1.25.12
 )
 require (
-	github.com/go-playground/locales v0.14.0 // indirect
+	filippo.io/edwards25519 v1.1.0 // indirect
-	github.com/go-playground/universal-translator v0.18.0 // indirect
+	github.com/RoaringBitmap/roaring v1.9.4 // indirect
 	github.com/bits-and-blooms/bitset v1.17.0 // indirect
 	github.com/blevesearch/bleve_index_api v1.1.13 // indirect
 	github.com/blevesearch/geo v0.1.20 // indirect
 	github.com/blevesearch/go-faiss v1.0.23 // indirect
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
 	github.com/blevesearch/mmap-go v1.0.4 // indirect
 	github.com/blevesearch/scorch_segment_api/v2 v2.2.16 // indirect
 	github.com/blevesearch/segment v0.9.1 // indirect
 	github.com/blevesearch/snowballstem v0.9.0 // indirect
 	github.com/blevesearch/upsidedown_store_api v1.0.2 // indirect
 	github.com/blevesearch/vellum v1.0.11 // indirect
 	github.com/blevesearch/zapx/v11 v11.3.10 // indirect
 	github.com/blevesearch/zapx/v12 v12.3.10 // indirect
 	github.com/blevesearch/zapx/v13 v13.3.10 // indirect
 	github.com/blevesearch/zapx/v14 v14.3.10 // indirect
 	github.com/blevesearch/zapx/v15 v15.3.16 // indirect
 	github.com/blevesearch/zapx/v16 v16.1.8 // indirect
 	github.com/boombuler/barcode v1.0.2 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dlclark/regexp2 v1.11.4 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.7 // indirect
 	github.com/glebarez/go-sqlite v1.22.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-sql-driver/mysql v1.8.1 // indirect
 	github.com/go-webauthn/x v0.1.15 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
-	github.com/golang/protobuf v1.4.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
-	github.com/gorilla/context v1.1.1 // indirect
+	github.com/golang/geo v0.0.0-20230421003525-6adc56603217 // indirect
-	github.com/gorilla/mux v1.6.2 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/gorilla/securecookie v1.1.1 // indirect
+	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/go-tpm v0.9.1 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/pgx/v5 v5.7.1 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
-	github.com/labstack/gommon v0.4.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/leodido/go-urn v1.2.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
 	github.com/labstack/gommon v0.4.2 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.17 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
 	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.2 // indirect
-	golang.org/x/net v0.7.0 // indirect
+	github.com/x448/float16 v0.8.4 // indirect
-	golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43 // indirect
+	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	golang.org/x/sys v0.5.0 // indirect
+	go.etcd.io/bbolt v1.3.11 // indirect
-	golang.org/x/time v0.2.0 // indirect
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
-	google.golang.org/appengine v1.6.6 // indirect
+	golang.org/x/net v0.31.0 // indirect
-	google.golang.org/protobuf v1.25.0 // indirect
+	golang.org/x/oauth2 v0.24.0 // indirect
 	golang.org/x/sync v0.9.0 // indirect
 	golang.org/x/sys v0.27.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
 	google.golang.org/protobuf v1.35.2 // indirect
 	modernc.org/libc v1.61.2 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.8.0 // indirect
 	modernc.org/sqlite v1.34.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,498 +1,294 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
-cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+github.com/Kunde21/markdownfmt/v3 v3.1.0 h1:KiZu9LKs+wFFBQKhrZJrFZwtLnCCWJahL+S+E/3VnM0=
-cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
+github.com/Kunde21/markdownfmt/v3 v3.1.0/go.mod h1:tPXN1RTyOzJwhfHoon9wUr4HGYmWgVxSQN6VBJDkrVc=
-cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
+github.com/RoaringBitmap/roaring v1.9.4 h1:yhEIoH4YezLYT04s1nHehNO64EKFTop/wBhxv2QzDdQ=
-cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
+github.com/RoaringBitmap/roaring v1.9.4/go.mod h1:6AXUsoIEzDTFFQCe1RbGA6uFONMhvejWj5rqITANK90=
-cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
+github.com/alecthomas/assert/v2 v2.7.0 h1:QtqSACNS3tF7oasA8CU6A6sXZSBDqnm7RfpLl9bZqbE=
-cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
+github.com/alecthomas/assert/v2 v2.7.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
-cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
+github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
-cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
+github.com/alecthomas/chroma/v2 v2.14.0 h1:R3+wzpnUArGcQz7fCETQBzO5n9IMNi13iIs46aU4V9E=
-cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
+github.com/alecthomas/chroma/v2 v2.14.0/go.mod h1:QolEbTfmUHIMVpBqxeDnNBj2uoeI4EbYP4i6n68SG4I=
-cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
+github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
-cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
+github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc=
-cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
+github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
-cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
+github.com/bits-and-blooms/bitset v1.12.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
-cloud.google.com/go v0.67.0/go.mod h1:YNan/mUhNZFrYUor0vqrsQ0Ffl7Xtm/ACOy/vsTS858=
+github.com/bits-and-blooms/bitset v1.17.0 h1:1X2TS7aHz1ELcC0yU1y2stUs/0ig5oMU6STFZGrhvHI=
-cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
+github.com/bits-and-blooms/bitset v1.17.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
-cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
+github.com/blevesearch/bleve/v2 v2.4.3 h1:XDYj+1prgX84L2Cf+V3ojrOPqXxy0qxyd2uLMmeuD+4=
-cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
+github.com/blevesearch/bleve/v2 v2.4.3/go.mod h1:hEPDPrbYw3vyrm5VOa36GyS4bHWuIf4Fflp7460QQXY=
-cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
+github.com/blevesearch/bleve_index_api v1.1.13 h1:+nrA6oRJr85aCPyqaeZtsruObwKojutfonHJin/BP48=
-cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
+github.com/blevesearch/bleve_index_api v1.1.13/go.mod h1:PbcwjIcRmjhGbkS/lJCpfgVSMROV6TRubGGAODaK1W8=
-cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
+github.com/blevesearch/geo v0.1.20 h1:paaSpu2Ewh/tn5DKn/FB5SzvH0EWupxHEIwbCk/QPqM=
-cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
+github.com/blevesearch/geo v0.1.20/go.mod h1:DVG2QjwHNMFmjo+ZgzrIq2sfCh6rIHzy9d9d0B59I6w=
-cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
+github.com/blevesearch/go-faiss v1.0.23 h1:Wmc5AFwDLKGl2L6mjLX1Da3vCL0EKa2uHHSorcIS1Uc=
-cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
+github.com/blevesearch/go-faiss v1.0.23/go.mod h1:OMGQwOaRRYxrmeNdMrXJPvVx8gBnvE5RYrr0BahNnkk=
-cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
+github.com/blevesearch/go-porterstemmer v1.0.3 h1:GtmsqID0aZdCSNiY8SkuPJ12pD4jI+DdXTAn4YRcHCo=
-cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
+github.com/blevesearch/go-porterstemmer v1.0.3/go.mod h1:angGc5Ht+k2xhJdZi511LtmxuEf0OVpvUUNrwmM1P7M=
-cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
+github.com/blevesearch/gtreap v0.1.1 h1:2JWigFrzDMR+42WGIN/V2p0cUvn4UP3C4Q5nmaZGW8Y=
-cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
+github.com/blevesearch/gtreap v0.1.1/go.mod h1:QaQyDRAT51sotthUWAH4Sj08awFSSWzgYICSZ3w0tYk=
-cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
+github.com/blevesearch/mmap-go v1.0.4 h1:OVhDhT5B/M1HNPpYPBKIEJaD0F3Si+CrEKULGCDPWmc=
-cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
+github.com/blevesearch/mmap-go v1.0.4/go.mod h1:EWmEAOmdAS9z/pi/+Toxu99DnsbhG1TIxUoRmJw/pSs=
-cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
+github.com/blevesearch/scorch_segment_api/v2 v2.2.16 h1:uGvKVvG7zvSxCwcm4/ehBa9cCEuZVE+/zvrSl57QUVY=
-cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
+github.com/blevesearch/scorch_segment_api/v2 v2.2.16/go.mod h1:VF5oHVbIFTu+znY1v30GjSpT5+9YFs9dV2hjvuh34F0=
-dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+github.com/blevesearch/segment v0.9.1 h1:+dThDy+Lvgj5JMxhmOVlgFfkUtZV2kw49xax4+jTfSU=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/blevesearch/segment v0.9.1/go.mod h1:zN21iLm7+GnBHWTao9I+Au/7MBiL8pPFtJBJTsk6kQw=
-github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/blevesearch/snowballstem v0.9.0 h1:lMQ189YspGP6sXvZQ4WZ+MLawfV8wOmPoD/iWeNXm8s=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/blevesearch/snowballstem v0.9.0/go.mod h1:PivSj3JMc8WuaFkTSRDW2SlrulNWPl4ABg1tC/hlgLs=
-github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
+github.com/blevesearch/upsidedown_store_api v1.0.2 h1:U53Q6YoWEARVLd1OYNc9kvhBMGZzVrdmaozG2MfoB+A=
-github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
+github.com/blevesearch/upsidedown_store_api v1.0.2/go.mod h1:M01mh3Gpfy56Ps/UXHjEO/knbqyQ1Oamg8If49gRwrQ=
-github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
+github.com/blevesearch/vellum v1.0.11 h1:SJI97toEFTtA9WsDZxkyGTaBWFdWl1n2LEDCXLCq/AU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/blevesearch/vellum v1.0.11/go.mod h1:QgwWryE8ThtNPxtgWJof5ndPfx0/YMBh+W2weHKPw8Y=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/blevesearch/zapx/v11 v11.3.10 h1:hvjgj9tZ9DeIqBCxKhi70TtSZYMdcFn7gDb71Xo/fvk=
-github.com/coreos/go-systemd/v22 v22.3.3-0.20220203105225-a9a7ef127534/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/blevesearch/zapx/v11 v11.3.10/go.mod h1:0+gW+FaE48fNxoVtMY5ugtNHHof/PxCqh7CnhYdnMzQ=
 github.com/blevesearch/zapx/v12 v12.3.10 h1:yHfj3vXLSYmmsBleJFROXuO08mS3L1qDCdDK81jDl8s=
 github.com/blevesearch/zapx/v12 v12.3.10/go.mod h1:0yeZg6JhaGxITlsS5co73aqPtM04+ycnI6D1v0mhbCs=
 github.com/blevesearch/zapx/v13 v13.3.10 h1:0KY9tuxg06rXxOZHg3DwPJBjniSlqEgVpxIqMGahDE8=
 github.com/blevesearch/zapx/v13 v13.3.10/go.mod h1:w2wjSDQ/WBVeEIvP0fvMJZAzDwqwIEzVPnCPrz93yAk=
 github.com/blevesearch/zapx/v14 v14.3.10 h1:SG6xlsL+W6YjhX5N3aEiL/2tcWh3DO75Bnz77pSwwKU=
 github.com/blevesearch/zapx/v14 v14.3.10/go.mod h1:qqyuR0u230jN1yMmE4FIAuCxmahRQEOehF78m6oTgns=
 github.com/blevesearch/zapx/v15 v15.3.16 h1:Ct3rv7FUJPfPk99TI/OofdC+Kpb4IdyfdMH48sb+FmE=
 github.com/blevesearch/zapx/v15 v15.3.16/go.mod h1:Turk/TNRKj9es7ZpKK95PS7f6D44Y7fAFy8F4LXQtGg=
 github.com/blevesearch/zapx/v16 v16.1.8 h1:Bxzpw6YQpFs7UjoCV1+RvDw6fmAT2GZxldwX8b3wVBM=
 github.com/blevesearch/zapx/v16 v16.1.8/go.mod h1:JqQlOqlRVaYDkpLIl3JnKql8u4zKTNlVEa3nLsi0Gn8=
 github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/boombuler/barcode v1.0.2 h1:79yrbttoZrLGkL/oOI8hBrUKucwOL0oOjUgEguGMcJ4=
 github.com/boombuler/barcode v1.0.2/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/chromedp/cdproto v0.0.0-20230220211738-2b1ec77315c9 h1:wMSvdj3BswqfQOXp2R1bJOAE7xIQLt2dlMQDMf836VY=
 github.com/chromedp/cdproto v0.0.0-20230220211738-2b1ec77315c9/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
 github.com/chromedp/chromedp v0.9.1 h1:CC7cC5p1BeLiiS2gfNNPwp3OaUxtRMBjfiw3E3k6dFA=
 github.com/chromedp/chromedp v0.9.1/go.mod h1:DUgZWRvYoEfgi66CgZ/9Yv+psgi+Sksy5DTScENWjaQ=
 github.com/chromedp/sysutil v1.0.0 h1:+ZxhTpfpZlmchB58ih/LBHX52ky7w2VhQVKQMucy3Ic=
 github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moAV0xufSww=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc=
+github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE=
+github.com/dlclark/regexp2 v1.7.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/dlclark/regexp2 v1.11.4 h1:rPYF9/LECdNymJufQKmri9gV604RvvABwgOA8un7yAo=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/dlclark/regexp2 v1.11.4/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
-github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
+github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
-github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
-github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+github.com/gabriel-vasile/mimetype v1.4.7 h1:SKFKl7kD0RiPdbht0s7hFtjl489WcQ1VyPW8ZzUMYCA=
-github.com/go-playground/assert/v2 v2.0.1 h1:MsBgLAaY856+nPRTKrp3/OZK38U/wa0CcBYNjji3q3A=
+github.com/gabriel-vasile/mimetype v1.4.7/go.mod h1:GDlAgAyIRT27BhFl53XNAFtfjzOkLaF35JdEG0P7LtU=
-github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
-github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU=
+github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc=
-github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
+github.com/glebarez/sqlite v1.11.0 h1:wSG0irqzP6VurnMEpFGer5Li19RpIRi2qvQz++w0GMw=
-github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
+github.com/glebarez/sqlite v1.11.0/go.mod h1:h8/o8j5wiAsqSPoWELDUdJXhjAhsVliSn7bWZjOhrgQ=
-github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
-github.com/go-playground/validator/v10 v10.11.0 h1:0W+xRM511GY47Yy3bZUbJVitCNg2BOGlCyvTqsp/xIw=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
-github.com/go-playground/validator/v10 v10.11.0/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
-github.com/goccy/go-json v0.9.6/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.23.0 h1:/PwmTwZhS0dPkav3cdK9kV1FsAmrL8sThn8IHr/sO+o=
 github.com/go-playground/validator/v10 v10.23.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
 github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-webauthn/webauthn v0.11.2 h1:Fgx0/wlmkClTKlnOsdOQ+K5HcHDsDcYIvtYmfhEOSUc=
 github.com/go-webauthn/webauthn v0.11.2/go.mod h1:aOtudaF94pM71g3jRwTYYwQTG1KyTILTcZqN1srkmD0=
 github.com/go-webauthn/x v0.1.15 h1:eG1OhggBJTkDE8gUeOlGRbRe8E/PSVG26YG4AyFbwkU=
 github.com/go-webauthn/x v0.1.15/go.mod h1:pf7VI23raFLHPO9VVIs9/u1etqwAOP0S2KoHGL6WbZ8=
 github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
 github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
 github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og=
 github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
 github.com/gobwas/ws v1.1.0 h1:7RFti/xnNkMJnrK7D1yQ/iCIB5OrrY/54/H930kIbHA=
 github.com/gobwas/ws v1.1.0/go.mod h1:nzvNcVha5eUziGrbxFCo6qFIojQHjJV5cLYIbezhfL0=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
-github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/geo v0.0.0-20230421003525-6adc56603217 h1:HKlyj6in2JV6wVkmQ4XmG/EIm+SCYlPZ+V4GWit7Z+I=
-github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/geo v0.0.0-20230421003525-6adc56603217/go.mod h1:8wI0hitZ3a1IxZfeH3/5I97CI8i5cLGsYe7xNhQGs9U=
-github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
-github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
+github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
+github.com/google/go-tpm v0.9.1 h1:0pGc4X//bAlmZzMKf8iz6IsDo1nYTbYJ6FZN/rg4zdM=
-github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/google/go-tpm v0.9.1/go.mod h1:h9jEsEECg7gtLis0upRBQU+GhYVH6jMjrFxI8u6bVUY=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo=
-github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw=
-github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/gorilla/schema v1.4.1 h1:jUg5hUjCSDZpNGLuXQOgIWGdlgrIdYvgQ0wZtdK1M3E=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/gorilla/schema v1.4.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
-github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
-github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
-github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
-github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/jackc/pgx/v5 v5.7.1 h1:x7SYsPBYDkHDksogeSmZZ5xzThcTgRz++I5E+ePFUcs=
-github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/jackc/pgx/v5 v5.7.1/go.mod h1:e7O26IywZZ+naJtWWos6i6fvWK+29etgITqrqHLfoZA=
-github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM=
+github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
-github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200905233945-acf8798be1f7/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/mux v1.6.2 h1:Pgr17XVTNXAk3q/r4CpKzC5xBM/qW1uVLV+IhRZpIIk=
 github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1/go.mod h1:YeAe0gNeiNT5hoiZRI4yiOky6jVdNvfO2N6Kav/HmxY=
 github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
 github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
 github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.4/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
 github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
-github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
-github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
+github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
-github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/labstack/echo/v4 v4.10.0 h1:5CiyngihEO4HXsz3vVsJn7f8xAlWwRr3aY6Ih280ZKA=
+github.com/labstack/echo/v4 v4.12.0 h1:IKpw49IMryVB2p1a4dzwlhP1O2Tf2E0Ir/450lH+kI0=
-github.com/labstack/echo/v4 v4.10.0/go.mod h1:S/T/5fy/GigaXnHTkh0ZGe4LpkkQysvRjFMSUTkDRNQ=
+github.com/labstack/echo/v4 v4.12.0/go.mod h1:UP9Cr2DJXbOK3Kr9ONYzNowSh7HP0aG0ShAyycHSJvM=
-github.com/labstack/gommon v0.4.0 h1:y7cvthEAEbU0yHOf4axH8ZG2NH8knB9iNSoTO8dyIk8=
+github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
-github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM=
+github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU=
-github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
-github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
-github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
+github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
-github.com/lestrrat-go/blackmagic v1.0.0/go.mod h1:TNgH//0vYSs8VXDCfkZLgIrVTTXQELZffUV0tz3MtdQ=
+github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
-github.com/lestrrat-go/httpcc v1.0.0/go.mod h1:tGS/u00Vh5N6FHNkExqGGNId8e0Big+++0Gf8MBnAvE=
+github.com/markbates/goth v1.80.0 h1:NnvatczZDzOs1hn9Ug+dVYf2Viwwkp/ZDX5K+GLjan8=
-github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbqPDrJ/OJc=
+github.com/markbates/goth v1.80.0/go.mod h1:4/GYHo+W6NWisrMPZnq0Yr2Q70UntNLn7KXEFhrIdAY=
 github.com/lestrrat-go/jwx v1.2.21/go.mod h1:9cfxnOH7G1gN75CaJP2hKGcxFEx5sPh1abRIA/ZJVh4=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
 github.com/markbates/goth v1.77.0 h1:s3scqnWv/Zq/a5M766V0FKsLfOdFNdh/HEkuWCKbvT8=
 github.com/markbates/goth v1.77.0/go.mod h1:X6xdNgpapSENS0O35iTBBcMHoJDQDfI9bJl+APCkYMc=
 github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
 github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
-github.com/mattn/go-sqlite3 v1.14.12/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-sqlite3 v1.14.13 h1:1tj15ngiFfcZzii7yd82foL+ks+ouQcj8j/TPq3fk1I=
+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
-github.com/mattn/go-sqlite3 v1.14.13/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
-github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c/go.mod h1:skjdDftzkFALcuGzYSklqYd8gvat6F1gZJ4YPVbkZpM=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
-github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/mschoch/smat v0.2.0 h1:8imxQsjDm8yFEAVBe7azKmKSgzSkZXDuKkSq9374khM=
 github.com/mschoch/smat v0.2.0/go.mod h1:kc9mz7DoBKqDyiRL7VZN8KvXQMWeTaVnttLRXOlotKw=
 github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
 github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/pquerna/otp v1.4.0 h1:wZvl1TIVxKRThZIBiwOOHOGP/1+nZyWBil9Y2XNEDzg=
-github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/pquerna/otp v1.4.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
-github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
-github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
-github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
-github.com/rs/zerolog v1.29.0 h1:Zes4hju04hjbvkVkOhdl2HpZa+0PmVwigmo8XoORE5w=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
-github.com/rs/zerolog v1.29.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
 github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
 github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
 github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
 github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
-github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
-github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
-github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
-go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
+github.com/yuin/goldmark v1.4.15/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
+github.com/yuin/goldmark v1.7.1/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
-go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+github.com/yuin/goldmark v1.7.8 h1:iERMLn0/QJeHFhxSt3p6PeN9mGnvIKSpG9YYorDMnic=
-go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+github.com/yuin/goldmark v1.7.8/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
-go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+github.com/yuin/goldmark-emoji v1.0.4 h1:vCwMkPZSNefSUnOW2ZKRUjBSD5Ok3W78IXhGxxAEF90=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+github.com/yuin/goldmark-emoji v1.0.4/go.mod h1:tTkZEbwu5wkPmgTcitqddVxY9osFZiavD+r4AzQrh1U=
-golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc h1:+IAOyRda+RLrxa1WC7umKOZRsGq4QrFFMYApOeHzQwQ=
-golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc/go.mod h1:ovIvrum6DQJA4QsJSovrkC4saKHQVs7TvcaeO8AIl5I=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+go.abhg.dev/goldmark/mermaid v0.5.0 h1:mDkykpSPJ+5wCQ8bSXgzJ2KQskjXkI5Ndxz7JYDHW38=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+go.abhg.dev/goldmark/mermaid v0.5.0/go.mod h1:OCyk2o85TX2drWHH+HRy6bih2yZlUwbbv/R1MMh1YLs=
-golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
-golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
-golang.org/x/crypto v0.2.0 h1:BRXPfhNivWL5Yq0BGQ39a2sW6t44aODpfxkWjYdzewE=
+golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.2.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
+golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
-golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
-golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
+golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
-golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
+golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
-golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
+golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
+golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
-golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
+golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
-golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
+golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
+golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
+golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
 golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20200927032502-5d4f70055728/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43 h1:ld7aEMNHoBnnDAX15v1T6z31v8HwR2A9FYOuAhWqkwc=
 golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
+golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
-golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/tools v0.27.0 h1:qEKojBykQkQ4EynWy4S8Weg69NumxKdn40Fce3uc/8o=
-golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/tools v0.27.0/go.mod h1:sUi0ZgbwW9ZPAq26Ekut+weQPR5eIM6GQLQ1Yjm1H0Q=
-golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
-golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.2.0 h1:52I/1L54xyEQAYdtcSuxtiT84KGYTBGXwayxmIpNJhE=
 golang.org/x/time v0.2.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
 golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
 golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
 golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
 golang.org/x/tools v0.0.0-20200929161345-d7fc70abf50f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
 google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
 google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
 google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
 google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
 google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
 google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
 google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
 google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
 google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
 google.golang.org/api v0.32.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
 google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc=
 google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
 google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
 google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
 google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
 google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
 google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20200929141702-51c3e5b607fe/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
 google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
 google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
 google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
 google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
 google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/driver/sqlite v1.3.2 h1:nWTy4cE52K6nnMhv23wLmur9Y3qWbZvOBz+V4PrGAxg=
+gorm.io/driver/mysql v1.5.7 h1:MndhOPYOfEp2rHKgkZIhJ16eVUIRf2HmzgoPmh7FCWo=
-gorm.io/driver/sqlite v1.3.2/go.mod h1:B+8GyC9K7VgzJAcrcXMRPdnMcck+8FgJynEehEPM16U=
+gorm.io/driver/mysql v1.5.7/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM=
-gorm.io/gorm v1.23.4/go.mod h1:l2lP/RyAtc1ynaTjFksBde/O8v9oOGIApu2/xRitmZk=
+gorm.io/driver/postgres v1.5.10 h1:7Lggqempgy496c0WfHXsYWxk3Th+ZcW66/21QhVFdeE=
-gorm.io/gorm v1.23.5 h1:TnlF26wScKSvknUC/Rn8t0NLLM22fypYBlvj1+aH6dM=
+gorm.io/driver/postgres v1.5.10/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
-gorm.io/gorm v1.23.5/go.mod h1:l2lP/RyAtc1ynaTjFksBde/O8v9oOGIApu2/xRitmZk=
+gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+gorm.io/gorm v1.25.12 h1:I0u8i2hWQItBq1WfE0o2+WuL9+8L21K9e2HHSTE/0f8=
-honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+gorm.io/gorm v1.25.12/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
-honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+modernc.org/cc/v4 v4.23.1 h1:WqJoPL3x4cUufQVHkXpXX7ThFJ1C4ik80i2eXEXbhD8=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+modernc.org/cc/v4 v4.23.1/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
-honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+modernc.org/ccgo/v4 v4.22.3 h1:C7AW89Zw3kygesTQWBzApwIn9ldM+cb/plrTIKq41Os=
-honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
+modernc.org/ccgo/v4 v4.22.3/go.mod h1:Dz7n0/UkBbH3pnYaxgi1mFSfF4REqUOZNziphZASx6k=
-honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
+modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
-rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
+modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
-rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
+modernc.org/gc/v2 v2.5.0 h1:bJ9ChznK1L1mUtAQtxi0wi5AtAs5jQuw4PrPHO5pb6M=
-rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
+modernc.org/gc/v2 v2.5.0/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
 modernc.org/libc v1.61.2 h1:dkO4DlowfClcJYsvf/RiK6fUwvzCQTmB34bJLt0CAGQ=
 modernc.org/libc v1.61.2/go.mod h1:4QGjNyX3h+rn7V5oHpJY2yH0QN6frt1X+5BkXzwLPCo=
 modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
 modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
 modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
 modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU=
 modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
 modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
 modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
 modernc.org/sqlite v1.34.1 h1:u3Yi6M0N8t9yKRDwhXcyp1eS5/ErhPTBggxWFuR6Hfk=
 modernc.org/sqlite v1.34.1/go.mod h1:pXV2xHxhzXZsgT/RtTFAPY6JJDEvOTcTdwADQCCWD4k=
 modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
 modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
 modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
--- a/internal/actions/actions.go
+++ b/internal/actions/actions.go
@@ -0,0 +1,185 @@
 package actions
 import (
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/git"
 	"github.com/thomiceli/opengist/internal/index"
 	"os"
 	"path/filepath"
 	"strings"
 	"sync"
 )
 type ActionStatus struct {
 	Running bool
 }
 const (
 	SyncReposFromFS = iota
 	SyncReposFromDB
 	GitGcRepos
 	SyncGistPreviews
 	ResetHooks
 	IndexGists
 	SyncGistLanguages
 )
 var (
 	mutex   sync.Mutex
 	actions = make(map[int]ActionStatus)
 )
 func updateActionStatus(actionType int, running bool) {
 	actions[actionType] = ActionStatus{
 		Running: running,
 	}
 }
 func IsRunning(actionType int) bool {
 	mutex.Lock()
 	defer mutex.Unlock()
 	return actions[actionType].Running
 }
 func Run(actionType int) {
 	mutex.Lock()
 	if actions[actionType].Running {
 		mutex.Unlock()
 		return
 	}
 	updateActionStatus(actionType, true)
 	mutex.Unlock()
 	defer func() {
 		mutex.Lock()
 		updateActionStatus(actionType, false)
 		mutex.Unlock()
 	}()
 	var functionToRun func()
 	switch actionType {
 	case SyncReposFromFS:
 		functionToRun = syncReposFromFS
 	case SyncReposFromDB:
 		functionToRun = syncReposFromDB
 	case GitGcRepos:
 		functionToRun = gitGcRepos
 	case SyncGistPreviews:
 		functionToRun = syncGistPreviews
 	case ResetHooks:
 		functionToRun = resetHooks
 	case IndexGists:
 		functionToRun = indexGists
 	case SyncGistLanguages:
 		functionToRun = syncGistLanguages
 	default:
 		log.Error().Msg("Unknown action type")
 	}
 	functionToRun()
 }
 func syncReposFromFS() {
 	log.Info().Msg("Syncing repositories from filesystem...")
 	gists, err := db.GetAllGistsRows()
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot get gists")
 		return
 	}
 	for _, gist := range gists {
 		// if repository does not exist, delete gist from database
 		if _, err := os.Stat(git.RepositoryPath(gist.User.Username, gist.Uuid)); err != nil && !os.IsExist(err) {
 			if err2 := gist.Delete(); err2 != nil {
 				log.Error().Err(err2).Msgf("Cannot delete gist %d", gist.ID)
 			}
 		}
 	}
 }
 func syncReposFromDB() {
 	log.Info().Msg("Syncing repositories from database...")
 	entries, err := filepath.Glob(filepath.Join(config.GetHomeDir(), "repos", "*", "*"))
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot read repos directories")
 		return
 	}
 	for _, e := range entries {
 		path := strings.Split(e, string(os.PathSeparator))
 		gist, _ := db.GetGist(path[len(path)-2], path[len(path)-1])
 		if gist.ID == 0 {
 			if err := git.DeleteRepository(path[len(path)-2], path[len(path)-1]); err != nil {
 				log.Error().Err(err).Msgf("Cannot delete repository %s/%s", path[len(path)-2], path[len(path)-1])
 			}
 		}
 	}
 }
 func gitGcRepos() {
 	log.Info().Msg("Garbage collecting all repositories...")
 	if err := git.GcRepos(); err != nil {
 		log.Error().Err(err).Msg("Error garbage collecting repositories")
 	}
 }
 func syncGistPreviews() {
 	log.Info().Msg("Syncing all Gist previews...")
 	gists, err := db.GetAllGistsRows()
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot get gists")
 		return
 	}
 	for _, gist := range gists {
 		if err = gist.UpdatePreviewAndCount(false); err != nil {
 			log.Error().Err(err).Msgf("Cannot update preview and count for gist %d", gist.ID)
 		}
 	}
 }
 func resetHooks() {
 	log.Info().Msg("Resetting Git server hooks for all repositories...")
 	if err := git.ResetHooks(); err != nil {
 		log.Error().Err(err).Msg("Error resetting hooks for repositories")
 	}
 }
 func indexGists() {
 	log.Info().Msg("Indexing all Gists...")
 	gists, err := db.GetAllGistsRows()
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot get gists")
 		return
 	}
 	for _, gist := range gists {
 		log.Info().Msgf("Indexing gist %d", gist.ID)
 		indexedGist, err := gist.ToIndexedGist()
 		if err != nil {
 			log.Error().Err(err).Msgf("Cannot convert gist %d to indexed gist", gist.ID)
 			continue
 		}
 		if err = index.AddInIndex(indexedGist); err != nil {
 			log.Error().Err(err).Msgf("Cannot index gist %d", gist.ID)
 		}
 	}
 }
 func syncGistLanguages() {
 	log.Info().Msg("Syncing all Gist languages...")
 	gists, err := db.GetAllGistsRows()
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot get gists")
 		return
 	}
 	for _, gist := range gists {
 		log.Info().Msgf("Syncing languages for gist %d", gist.ID)
 		gist.UpdateLanguages()
 	}
 }
--- a/internal/auth/aes.go
+++ b/internal/auth/aes.go
@@ -0,0 +1,46 @@
 package auth
 import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
 	"fmt"
 	"io"
 )
 func AESEncrypt(key, text []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
 	}
 	ciphertext := make([]byte, aes.BlockSize+len(text))
 	iv := ciphertext[:aes.BlockSize]
 	if _, err = io.ReadFull(rand.Reader, iv); err != nil {
 		return nil, err
 	}
 	stream := cipher.NewCFBEncrypter(block, iv)
 	stream.XORKeyStream(ciphertext[aes.BlockSize:], text)
 	return ciphertext, nil
 }
 func AESDecrypt(key, ciphertext []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
 	}
 	if len(ciphertext) < aes.BlockSize {
 		return nil, fmt.Errorf("ciphertext too short")
 	}
 	iv := ciphertext[:aes.BlockSize]
 	ciphertext = ciphertext[aes.BlockSize:]
 	stream := cipher.NewCFBDecrypter(block, iv)
 	stream.XORKeyStream(ciphertext, ciphertext)
 	return ciphertext, nil
 }
--- a/internal/auth/argon2id.go
+++ b/internal/auth/argon2id.go
@@ -0,0 +1,76 @@
 package auth
 import (
 	"crypto/rand"
 	"crypto/subtle"
 	"encoding/base64"
 	"errors"
 	"fmt"
 	"golang.org/x/crypto/argon2"
 	"strings"
 )
 type argon2ID struct {
 	format  string
 	version int
 	time    uint32
 	memory  uint32
 	keyLen  uint32
 	saltLen uint32
 	threads uint8
 }
 var Argon2id = argon2ID{
 	format:  "$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
 	version: argon2.Version,
 	time:    1,
 	memory:  64 * 1024,
 	keyLen:  32,
 	saltLen: 16,
 	threads: 4,
 }
 func (a argon2ID) Hash(plain string) (string, error) {
 	salt := make([]byte, a.saltLen)
 	if _, err := rand.Read(salt); err != nil {
 		return "", err
 	}
 	hash := argon2.IDKey([]byte(plain), salt, a.time, a.memory, a.threads, a.keyLen)
 	return fmt.Sprintf(a.format, a.version, a.memory, a.time, a.threads,
 		base64.RawStdEncoding.EncodeToString(salt),
 		base64.RawStdEncoding.EncodeToString(hash),
 	), nil
 }
 func (a argon2ID) Verify(plain, hash string) (bool, error) {
 	if hash == "" {
 		return false, nil
 	}
 	hashParts := strings.Split(hash, "$")
 	if len(hashParts) != 6 {
 		return false, errors.New("invalid hash")
 	}
 	_, err := fmt.Sscanf(hashParts[3], "m=%d,t=%d,p=%d", &a.memory, &a.time, &a.threads)
 	if err != nil {
 		return false, err
 	}
 	salt, err := base64.RawStdEncoding.DecodeString(hashParts[4])
 	if err != nil {
 		return false, err
 	}
 	decodedHash, err := base64.RawStdEncoding.DecodeString(hashParts[5])
 	if err != nil {
 		return false, err
 	}
 	hashToCompare := argon2.IDKey([]byte(plain), salt, a.time, a.memory, a.threads, uint32(len(decodedHash)))
 	return subtle.ConstantTimeCompare(decodedHash, hashToCompare) == 1, nil
 }
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -0,0 +1,18 @@
 package auth
 type AuthInfoProvider interface {
 	RequireLogin() (bool, error)
 	AllowGistsWithoutLogin() (bool, error)
 }
 func ShouldAllowUnauthenticatedGistAccess(prov AuthInfoProvider, isSingleGistAccess bool) (bool, error) {
 	require, err := prov.RequireLogin()
 	if err != nil {
 		return false, err
 	}
 	allow, err := prov.AllowGistsWithoutLogin()
 	if err != nil {
 		return false, err
 	}
 	return !require || (isSingleGistAccess && allow), nil
 }
--- a/internal/auth/oauth/gitea.go
+++ b/internal/auth/oauth/gitea.go
@@ -0,0 +1,117 @@
 package oauth
 import (
 	gocontext "context"
 	gojson "encoding/json"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/markbates/goth/providers/gitea"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/web/context"
 	"io"
 	"net/http"
 )
 type GiteaProvider struct {
 	Provider
 	URL string
 }
 func (p *GiteaProvider) RegisterProvider() error {
 	goth.UseProviders(
 		gitea.NewCustomisedURL(
 			config.C.GiteaClientKey,
 			config.C.GiteaSecret,
 			urlJoin(p.URL, "/oauth/gitea/callback"),
 			urlJoin(config.C.GiteaUrl, "/login/oauth/authorize"),
 			urlJoin(config.C.GiteaUrl, "/login/oauth/access_token"),
 			urlJoin(config.C.GiteaUrl, "/api/v1/user"),
 		),
 	)
 	return nil
 }
 func (p *GiteaProvider) BeginAuthHandler(ctx *context.Context) {
 	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GiteaProviderString)
 	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
 	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
 }
 func (p *GiteaProvider) UserHasProvider(user *db.User) bool {
 	return user.GiteaID != ""
 }
 func NewGiteaProvider(url string) *GiteaProvider {
 	return &GiteaProvider{
 		URL: url,
 	}
 }
 type GiteaCallbackProvider struct {
 	CallbackProvider
 	User *goth.User
 }
 func (p *GiteaCallbackProvider) GetProvider() string {
 	return GiteaProviderString
 }
 func (p *GiteaCallbackProvider) GetProviderUser() *goth.User {
 	return p.User
 }
 func (p *GiteaCallbackProvider) GetProviderUserID(user *db.User) bool {
 	return user.GiteaID != ""
 }
 func (p *GiteaCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
 	resp, err := http.Get(urlJoin(config.C.GiteaUrl, p.User.NickName+".keys"))
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	return readKeys(resp)
 }
 func (p *GiteaCallbackProvider) UpdateUserDB(user *db.User) {
 	user.GiteaID = p.User.UserID
 	resp, err := http.Get(urlJoin(config.C.GiteaUrl, "/api/v1/users/", p.User.UserID))
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot get user from Gitea")
 		return
 	}
 	defer resp.Body.Close()
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot read Gitea response body")
 		return
 	}
 	var result map[string]interface{}
 	err = gojson.Unmarshal(body, &result)
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot unmarshal Gitea response body")
 		return
 	}
 	field, ok := result["avatar_url"]
 	if !ok {
 		log.Error().Msg("Field 'avatar_url' not found in Gitea JSON response")
 		return
 	}
 	user.AvatarURL = field.(string)
 }
 func NewGiteaCallbackProvider(user *goth.User) CallbackProvider {
 	return &GiteaCallbackProvider{
 		User: user,
 	}
 }
--- a/internal/auth/oauth/github.go
+++ b/internal/auth/oauth/github.go
@@ -0,0 +1,84 @@
 package oauth
 import (
 	gocontext "context"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/markbates/goth/providers/github"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/web/context"
 	"net/http"
 )
 type GitHubProvider struct {
 	Provider
 	URL string
 }
 func (p *GitHubProvider) RegisterProvider() error {
 	goth.UseProviders(
 		github.New(
 			config.C.GithubClientKey,
 			config.C.GithubSecret,
 			urlJoin(p.URL, "/oauth/github/callback"),
 		),
 	)
 	return nil
 }
 func (p *GitHubProvider) BeginAuthHandler(ctx *context.Context) {
 	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitHubProviderString)
 	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
 	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
 }
 func (p *GitHubProvider) UserHasProvider(user *db.User) bool {
 	return user.GithubID != ""
 }
 func NewGitHubProvider(url string) *GitHubProvider {
 	return &GitHubProvider{
 		URL: url,
 	}
 }
 type GitHubCallbackProvider struct {
 	CallbackProvider
 	User *goth.User
 }
 func (p *GitHubCallbackProvider) GetProvider() string {
 	return GitHubProviderString
 }
 func (p *GitHubCallbackProvider) GetProviderUser() *goth.User {
 	return p.User
 }
 func (p *GitHubCallbackProvider) GetProviderUserID(user *db.User) bool {
 	return user.GithubID != ""
 }
 func (p *GitHubCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
 	resp, err := http.Get("https://github.com/" + p.User.NickName + ".keys")
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	return readKeys(resp)
 }
 func (p *GitHubCallbackProvider) UpdateUserDB(user *db.User) {
 	user.GithubID = p.User.UserID
 	user.AvatarURL = "https://avatars.githubusercontent.com/u/" + p.User.UserID + "?v=4"
 }
 func NewGitHubCallbackProvider(user *goth.User) CallbackProvider {
 	return &GitHubCallbackProvider{
 		User: user,
 	}
 }
--- a/internal/auth/oauth/gitlab.go
+++ b/internal/auth/oauth/gitlab.go
@@ -0,0 +1,87 @@
 package oauth
 import (
 	gocontext "context"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/markbates/goth/providers/gitlab"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/web/context"
 	"net/http"
 )
 type GitLabProvider struct {
 	Provider
 	URL string
 }
 func (p *GitLabProvider) RegisterProvider() error {
 	goth.UseProviders(
 		gitlab.NewCustomisedURL(
 			config.C.GitlabClientKey,
 			config.C.GitlabSecret,
 			urlJoin(p.URL, "/oauth/gitlab/callback"),
 			urlJoin(config.C.GitlabUrl, "/oauth/authorize"),
 			urlJoin(config.C.GitlabUrl, "/oauth/token"),
 			urlJoin(config.C.GitlabUrl, "/api/v4/user"),
 		),
 	)
 	return nil
 }
 func (p *GitLabProvider) BeginAuthHandler(ctx *context.Context) {
 	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitLabProviderString)
 	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
 	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
 }
 func (p *GitLabProvider) UserHasProvider(user *db.User) bool {
 	return user.GitlabID != ""
 }
 func NewGitLabProvider(url string) *GitLabProvider {
 	return &GitLabProvider{
 		URL: url,
 	}
 }
 type GitLabCallbackProvider struct {
 	CallbackProvider
 	User *goth.User
 }
 func (p *GitLabCallbackProvider) GetProvider() string {
 	return GitLabProviderString
 }
 func (p *GitLabCallbackProvider) GetProviderUser() *goth.User {
 	return p.User
 }
 func (p *GitLabCallbackProvider) GetProviderUserID(user *db.User) bool {
 	return user.GitlabID != ""
 }
 func (p *GitLabCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
 	resp, err := http.Get(urlJoin(config.C.GitlabUrl, p.User.NickName+".keys"))
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	return readKeys(resp)
 }
 func (p *GitLabCallbackProvider) UpdateUserDB(user *db.User) {
 	user.GitlabID = p.User.UserID
 	user.AvatarURL = urlJoin(config.C.GitlabUrl, "/uploads/-/system/user/avatar/", p.User.UserID, "/avatar.png") + "?width=400"
 }
 func NewGitLabCallbackProvider(user *goth.User) CallbackProvider {
 	return &GitLabCallbackProvider{
 		User: user,
 	}
 }
--- a/internal/auth/oauth/openid.go
+++ b/internal/auth/oauth/openid.go
@@ -0,0 +1,85 @@
 package oauth
 import (
 	gocontext "context"
 	"errors"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/markbates/goth/providers/openidConnect"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/web/context"
 )
 type OIDCProvider struct {
 	Provider
 	URL string
 }
 func (p *OIDCProvider) RegisterProvider() error {
 	oidcProvider, err := openidConnect.New(
 		config.C.OIDCClientKey,
 		config.C.OIDCSecret,
 		urlJoin(p.URL, "/oauth/openid-connect/callback"),
 		config.C.OIDCDiscoveryUrl,
 		"openid",
 		"email",
 		"profile",
 	)
 	if err != nil {
 		return errors.New("Cannot create OIDC provider: " + err.Error())
 	}
 	goth.UseProviders(oidcProvider)
 	return nil
 }
 func (p *OIDCProvider) BeginAuthHandler(ctx *context.Context) {
 	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, OpenIDConnectString)
 	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
 	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
 }
 func (p *OIDCProvider) UserHasProvider(user *db.User) bool {
 	return user.OIDCID != ""
 }
 func NewOIDCProvider(url string) *OIDCProvider {
 	return &OIDCProvider{
 		URL: url,
 	}
 }
 type OIDCCallbackProvider struct {
 	CallbackProvider
 	User *goth.User
 }
 func (p *OIDCCallbackProvider) GetProvider() string {
 	return OpenIDConnectString
 }
 func (p *OIDCCallbackProvider) GetProviderUser() *goth.User {
 	return p.User
 }
 func (p *OIDCCallbackProvider) GetProviderUserID(user *db.User) bool {
 	return user.OIDCID != ""
 }
 func (p *OIDCCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
 	return nil, nil
 }
 func (p *OIDCCallbackProvider) UpdateUserDB(user *db.User) {
 	user.OIDCID = p.User.UserID
 	user.AvatarURL = p.User.AvatarURL
 }
 func NewOIDCCallbackProvider(user *goth.User) CallbackProvider {
 	return &OIDCCallbackProvider{
 		User: user,
 	}
 }
--- a/internal/auth/oauth/provider.go
+++ b/internal/auth/oauth/provider.go
@@ -0,0 +1,93 @@
 package oauth
 import (
 	"fmt"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/web/context"
 	"io"
 	"net/http"
 	"net/url"
 	"strings"
 )
 const (
 	GitHubProviderString = "github"
 	GitLabProviderString = "gitlab"
 	GiteaProviderString  = "gitea"
 	OpenIDConnectString  = "openid-connect"
 )
 type Provider interface {
 	RegisterProvider() error
 	BeginAuthHandler(ctx *context.Context)
 	UserHasProvider(user *db.User) bool
 }
 type CallbackProvider interface {
 	GetProvider() string
 	GetProviderUser() *goth.User
 	GetProviderUserID(user *db.User) bool
 	GetProviderUserSSHKeys() ([]string, error)
 	UpdateUserDB(user *db.User)
 }
 func DefineProvider(provider string, url string) (Provider, error) {
 	switch provider {
 	case GitHubProviderString:
 		return NewGitHubProvider(url), nil
 	case GitLabProviderString:
 		return NewGitLabProvider(url), nil
 	case GiteaProviderString:
 		return NewGiteaProvider(url), nil
 	case OpenIDConnectString:
 		return NewOIDCProvider(url), nil
 	}
 	return nil, fmt.Errorf("unsupported provider %s", provider)
 }
 func CompleteUserAuth(ctx *context.Context) (CallbackProvider, error) {
 	user, err := gothic.CompleteUserAuth(ctx.Response(), ctx.Request())
 	if err != nil {
 		return nil, err
 	}
 	switch user.Provider {
 	case GitHubProviderString:
 		return NewGitHubCallbackProvider(&user), nil
 	case GitLabProviderString:
 		return NewGitLabCallbackProvider(&user), nil
 	case GiteaProviderString:
 		return NewGiteaCallbackProvider(&user), nil
 	case OpenIDConnectString:
 		return NewOIDCCallbackProvider(&user), nil
 	}
 	return nil, fmt.Errorf("unsupported provider %s", user.Provider)
 }
 func urlJoin(base string, elem ...string) string {
 	joined, err := url.JoinPath(base, elem...)
 	if err != nil {
 		log.Error().Err(err).Msg("Cannot join url")
 	}
 	return joined
 }
 func readKeys(response *http.Response) ([]string, error) {
 	body, err := io.ReadAll(response.Body)
 	if err != nil {
 		return nil, fmt.Errorf("could not get user keys %v", err)
 	}
 	keys := strings.Split(string(body), "\n")
 	if len(keys[len(keys)-1]) == 0 {
 		keys = keys[:len(keys)-1]
 	}
 	return keys, nil
 }
--- a/internal/auth/password/password.go
+++ b/internal/auth/password/password.go
@@ -0,0 +1,11 @@
 package password
 import "github.com/thomiceli/opengist/internal/auth"
 func HashPassword(code string) (string, error) {
 	return auth.Argon2id.Hash(code)
 }
 func VerifyPassword(code, hashedCode string) (bool, error) {
 	return auth.Argon2id.Verify(code, hashedCode)
 }
--- a/internal/auth/totp/totp.go
+++ b/internal/auth/totp/totp.go
@@ -0,0 +1,61 @@
 package totp
 import (
 	"bytes"
 	"crypto/rand"
 	"encoding/base64"
 	"github.com/pquerna/otp/totp"
 	"html/template"
 	"image/png"
 	"strings"
 )
 const secretSize = 16
 func GenerateQRCode(username, siteUrl string, secret []byte) (string, template.URL, error, []byte) {
 	var err error
 	if secret == nil {
 		secret, err = generateSecret()
 		if err != nil {
 			return "", "", err, nil
 		}
 	}
 	otpKey, err := totp.Generate(totp.GenerateOpts{
 		SecretSize:  secretSize,
 		Issuer:      "Opengist (" + strings.ReplaceAll(siteUrl, ":", "") + ")",
 		AccountName: username,
 		Secret:      secret,
 	})
 	if err != nil {
 		return "", "", err, nil
 	}
 	qrcode, err := otpKey.Image(320, 240)
 	if err != nil {
 		return "", "", err, nil
 	}
 	var imgBytes bytes.Buffer
 	if err = png.Encode(&imgBytes, qrcode); err != nil {
 		return "", "", err, nil
 	}
 	qrcodeImage := template.URL("data:image/png;base64," + base64.StdEncoding.EncodeToString(imgBytes.Bytes()))
 	return otpKey.Secret(), qrcodeImage, nil, secret
 }
 func Validate(passcode, secret string) bool {
 	return totp.Validate(passcode, secret)
 }
 func generateSecret() ([]byte, error) {
 	secret := make([]byte, secretSize)
 	_, err := rand.Reader.Read(secret)
 	if err != nil {
 		return nil, err
 	}
 	return secret, nil
 }
--- a/internal/auth/webauthn/user.go
+++ b/internal/auth/webauthn/user.go
@@ -0,0 +1,58 @@
 package webauthn
 import (
 	"encoding/binary"
 	"github.com/go-webauthn/webauthn/protocol"
 	"github.com/go-webauthn/webauthn/webauthn"
 	"github.com/thomiceli/opengist/internal/db"
 )
 type user struct {
 	*db.User
 }
 func (u *user) WebAuthnID() []byte {
 	return uintToBytes(u.ID)
 }
 func (u *user) WebAuthnName() string {
 	return u.Username
 }
 func (u *user) WebAuthnDisplayName() string {
 	return u.Username
 }
 func (u *user) WebAuthnCredentials() []webauthn.Credential {
 	dbCreds, err := db.GetAllWACredentialsForUser(u.ID)
 	if err != nil {
 		return nil
 	}
 	return dbCreds
 }
 func (u *user) Exclusions() []protocol.CredentialDescriptor {
 	creds := u.WebAuthnCredentials()
 	exclusions := make([]protocol.CredentialDescriptor, len(creds))
 	for i, cred := range creds {
 		exclusions[i] = cred.Descriptor()
 	}
 	return exclusions
 }
 func discoverUser(rawID []byte, _ []byte) (webauthn.User, error) {
 	ogUser, err := db.GetUserByCredentialID(rawID)
 	if err != nil {
 		return nil, err
 	}
 	return &user{User: ogUser}, nil
 }
 func uintToBytes(n uint) []byte {
 	b := make([]byte, 8)
 	binary.BigEndian.PutUint64(b, uint64(n))
 	return b
 }
--- a/internal/auth/webauthn/webauthn.go
+++ b/internal/auth/webauthn/webauthn.go
@@ -0,0 +1,138 @@
 package webauthn
 import (
 	"encoding/json"
 	"github.com/go-webauthn/webauthn/protocol"
 	"github.com/go-webauthn/webauthn/webauthn"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"net/http"
 	"net/url"
 )
 var webAuthn *webauthn.WebAuthn
 func Init(urlStr string) error {
 	var rpid, rporigin string
 	var err error
 	if urlStr == "" {
 		log.Info().Msg("External URL is not set, passkeys RP ID and Origins will be set to localhost")
 		rpid = "localhost"
 		rporigin = "http://localhost" + ":" + config.C.HttpPort
 	} else {
 		urlStruct, err := url.Parse(urlStr)
 		if err != nil {
 			return err
 		}
 		rpid = urlStruct.Hostname()
 		rporigin, err = protocol.FullyQualifiedOrigin(urlStr)
 		if err != nil {
 			log.Error().Err(err).Msg("Failed to get fully qualified origin from external URL")
 		}
 	}
 	webAuthn, err = webauthn.New(&webauthn.Config{
 		RPDisplayName: "Opengist",
 		RPID:          rpid,
 		RPOrigins:     []string{rporigin},
 	})
 	return err
 }
 func BeginBinding(dbUser *db.User) (credCreation *protocol.CredentialCreation, jsonSession []byte, err error) {
 	waUser := &user{User: dbUser}
 	credCreation, session, err := webAuthn.BeginRegistration(waUser, webauthn.WithAuthenticatorSelection(
 		protocol.AuthenticatorSelection{
 			ResidentKey:      protocol.ResidentKeyRequirementRequired,
 			UserVerification: protocol.VerificationRequired,
 		},
 	), webauthn.WithAppIdExcludeExtension("Opengist"), webauthn.WithExclusions(waUser.Exclusions()))
 	if err != nil {
 		return nil, nil, err
 	}
 	jsonSession, _ = json.Marshal(session)
 	return
 }
 func FinishBinding(dbUser *db.User, jsonSession []byte, response *http.Request) (*webauthn.Credential, error) {
 	waUser := &user{User: dbUser}
 	var session webauthn.SessionData
 	_ = json.Unmarshal(jsonSession, &session)
 	return webAuthn.FinishRegistration(waUser, session, response)
 }
 func BeginDiscoverableLogin() (credCreation *protocol.CredentialAssertion, jsonSession []byte, err error) {
 	credCreation, session, err := webAuthn.BeginDiscoverableLogin(
 		webauthn.WithUserVerification(protocol.VerificationPreferred),
 	)
 	jsonSession, _ = json.Marshal(session)
 	return
 }
 func FinishDiscoverableLogin(jsonSession []byte, response *http.Request) (uint, error) {
 	var session webauthn.SessionData
 	_ = json.Unmarshal(jsonSession, &session)
 	parsedResponse, err := protocol.ParseCredentialRequestResponse(response)
 	if err != nil {
 		return 0, err
 	}
 	waUser, cred, err := webAuthn.ValidatePasskeyLogin(discoverUser, session, parsedResponse)
 	if err != nil {
 		return 0, err
 	}
 	dbCredential, err := db.GetCredentialByID(cred.ID)
 	if err != nil {
 		return 0, err
 	}
 	if err = dbCredential.UpdateSignCount(); err != nil {
 		return 0, err
 	}
 	if err = dbCredential.UpdateLastUsedAt(); err != nil {
 		return 0, err
 	}
 	return waUser.(*user).User.ID, nil
 }
 func BeginLogin(dbUser *db.User) (credCreation *protocol.CredentialAssertion, jsonSession []byte, err error) {
 	waUser := &user{User: dbUser}
 	credCreation, session, err := webAuthn.BeginLogin(waUser)
 	jsonSession, _ = json.Marshal(session)
 	return
 }
 func FinishLogin(dbUser *db.User, jsonSession []byte, response *http.Request) error {
 	waUser := &user{User: dbUser}
 	var session webauthn.SessionData
 	_ = json.Unmarshal(jsonSession, &session)
 	cred, err := webAuthn.FinishLogin(waUser, session, response)
 	if err != nil {
 		return err
 	}
 	dbCredential, err := db.GetCredentialByID(cred.ID)
 	if err != nil {
 		return err
 	}
 	if err = dbCredential.UpdateSignCount(); err != nil {
 		return err
 	}
 	if err = dbCredential.UpdateLastUsedAt(); err != nil {
 		return err
 	}
 	return err
 }
--- a/internal/cli/admin.go
+++ b/internal/cli/admin.go
@@ -0,0 +1,78 @@
 package cli
 import (
 	"fmt"
 	"github.com/thomiceli/opengist/internal/auth/password"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/urfave/cli/v2"
 )
 var CmdAdmin = cli.Command{
 	Name:  "admin",
 	Usage: "Admin commands",
 	Subcommands: []*cli.Command{
 		&CmdAdminResetPassword,
 		&CmdAdminToggleAdmin,
 	},
 }
 var CmdAdminResetPassword = cli.Command{
 	Name:      "reset-password",
 	Usage:     "Reset the password for a given user",
 	ArgsUsage: "[username] [password]",
 	Action: func(ctx *cli.Context) error {
 		initialize(ctx)
 		if ctx.NArg() < 2 {
 			return fmt.Errorf("username and password are required")
 		}
 		username := ctx.Args().Get(0)
 		plainPassword := ctx.Args().Get(1)
 		user, err := db.GetUserByUsername(username)
 		if err != nil {
 			fmt.Printf("Cannot get user %s: %s\n", username, err)
 			return err
 		}
 		password, err := password.HashPassword(plainPassword)
 		if err != nil {
 			fmt.Printf("Cannot hash password for user %s: %s\n", username, err)
 			return err
 		}
 		user.Password = password
 		if err = user.Update(); err != nil {
 			fmt.Printf("Cannot update password for user %s: %s\n", username, err)
 			return err
 		}
 		fmt.Printf("Password for user %s has been reset.\n", username)
 		return nil
 	},
 }
 var CmdAdminToggleAdmin = cli.Command{
 	Name:      "toggle-admin",
 	Usage:     "Toggle the admin status for a given user",
 	ArgsUsage: "[username]",
 	Action: func(ctx *cli.Context) error {
 		initialize(ctx)
 		if ctx.NArg() < 1 {
 			return fmt.Errorf("username is required")
 		}
 		username := ctx.Args().Get(0)
 		user, err := db.GetUserByUsername(username)
 		if err != nil {
 			fmt.Printf("Cannot get user %s: %s\n", username, err)
 			return err
 		}
 		user.IsAdmin = !user.IsAdmin
 		if err = user.Update(); err != nil {
 			fmt.Printf("Cannot update user %s: %s\n", username, err)
 		}
 		fmt.Printf("User %s admin set to %t\n", username, user.IsAdmin)
 		return nil
 	},
 }
--- a/internal/cli/hook.go
+++ b/internal/cli/hook.go
@@ -0,0 +1,56 @@
 package cli
 import (
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/hooks"
 	"github.com/urfave/cli/v2"
 	"io"
 	"os"
 )
 var CmdHook = cli.Command{
 	Name:  "hook",
 	Usage: "Run Git server hooks, used and should only be called by Opengist itself",
 	Subcommands: []*cli.Command{
 		&CmdHookPreReceive,
 		&CmdHookPostReceive,
 	},
 }
 var CmdHookPreReceive = cli.Command{
 	Name:  "pre-receive",
 	Usage: "Run Git server pre-receive hook for a repository",
 	Action: func(ctx *cli.Context) error {
 		initialize(ctx)
 		if err := hooks.PreReceive(os.Stdin, os.Stdout, os.Stderr); err != nil {
 			os.Exit(1)
 		}
 		return nil
 	},
 }
 var CmdHookPostReceive = cli.Command{
 	Name:  "post-receive",
 	Usage: "Run Git server post-receive hook for a repository",
 	Action: func(ctx *cli.Context) error {
 		initialize(ctx)
 		if err := hooks.PostReceive(os.Stdin, os.Stdout, os.Stderr); err != nil {
 			os.Exit(1)
 		}
 		return nil
 	},
 }
 func initialize(ctx *cli.Context) {
 	if err := config.InitConfig(ctx.String("config"), io.Discard); err != nil {
 		panic(err)
 	}
 	config.InitLog()
 	db.DeprecationDBFilename()
 	if err := db.Setup(config.C.DBUri); err != nil {
 		log.Fatal().Err(err).Msg("Failed to initialize database in hooks")
 	}
 }
--- a/internal/cli/main.go
+++ b/internal/cli/main.go
@@ -0,0 +1,184 @@
 package cli
 import (
 	"fmt"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/auth/webauthn"
 	"github.com/thomiceli/opengist/internal/config"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/git"
 	"github.com/thomiceli/opengist/internal/index"
 	"github.com/thomiceli/opengist/internal/ssh"
 	"github.com/thomiceli/opengist/internal/web/server"
 	"github.com/urfave/cli/v2"
 	"os"
 	"os/signal"
 	"path"
 	"path/filepath"
 	"syscall"
 )
 var CmdVersion = cli.Command{
 	Name:  "version",
 	Usage: "Print the version of Opengist",
 	Action: func(c *cli.Context) error {
 		fmt.Println("Opengist " + config.OpengistVersion)
 		return nil
 	},
 }
 var CmdStart = cli.Command{
 	Name:  "start",
 	Usage: "Start Opengist server",
 	Action: func(ctx *cli.Context) error {
 		stopCtx, stop := signal.NotifyContext(ctx.Context, syscall.SIGINT, syscall.SIGTERM)
 		defer stop()
 		Initialize(ctx)
 		go server.NewServer(os.Getenv("OG_DEV") == "1", path.Join(config.GetHomeDir(), "sessions"), false).Start()
 		go ssh.Start()
 		<-stopCtx.Done()
 		shutdown()
 		return nil
 	},
 }
 var ConfigFlag = cli.StringFlag{
 	Name:    "config",
 	Aliases: []string{"c"},
 	Usage:   "Path to a config file in YAML format",
 }
 func App() error {
 	app := cli.NewApp()
 	app.Name = "Opengist"
 	app.Usage = "A self-hosted pastebin powered by Git."
 	app.HelpName = "opengist"
 	app.Commands = []*cli.Command{&CmdVersion, &CmdStart, &CmdHook, &CmdAdmin}
 	app.DefaultCommand = CmdStart.Name
 	app.Flags = []cli.Flag{
 		&ConfigFlag,
 	}
 	return app.Run(os.Args)
 }
 func Initialize(ctx *cli.Context) {
 	fmt.Println("Opengist " + config.OpengistVersion)
 	if err := config.InitConfig(ctx.String("config"), os.Stdout); err != nil {
 		panic(err)
 	}
 	if err := os.MkdirAll(filepath.Join(config.GetHomeDir()), 0755); err != nil {
 		panic(err)
 	}
 	config.SetupSecretKey()
 	config.InitLog()
 	gitVersion, err := git.GetGitVersion()
 	if err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	if ok, err := config.CheckGitVersion(gitVersion); err != nil {
 		log.Fatal().Err(err).Send()
 	} else if !ok {
 		log.Warn().Msg("Git version may be too old, as Opengist has not been tested prior git version 2.28 and some features would not work. " +
 			"Current git version: " + gitVersion)
 	}
 	homePath := config.GetHomeDir()
 	log.Info().Msg("Data directory: " + homePath)
 	if err := git.InitGitConfig(); err != nil {
 		log.Warn().Err(err).Msgf("Failed to change the host's git global config, ensure to add to `safe.directory` the path %s, and `receive.advertisePushOptions` is set to true.", homePath)
 	}
 	if err := createSymlink(homePath, ctx.String("config")); err != nil {
 		log.Fatal().Err(err).Msg("Failed to create symlinks")
 	}
 	if err := os.MkdirAll(filepath.Join(homePath, "sessions"), 0755); err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	if err := os.MkdirAll(filepath.Join(homePath, "repos"), 0755); err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	if err := os.MkdirAll(filepath.Join(homePath, "tmp", "repos"), 0755); err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	if err := os.MkdirAll(filepath.Join(homePath, "custom"), 0755); err != nil {
 		log.Fatal().Err(err).Send()
 	}
 	db.DeprecationDBFilename()
 	if err := db.Setup(config.C.DBUri); err != nil {
 		log.Fatal().Err(err).Msg("Failed to initialize database")
 	}
 	if err := webauthn.Init(config.C.ExternalUrl); err != nil {
 		log.Error().Err(err).Msg("Failed to initialize WebAuthn")
 	}
 	if config.C.IndexEnabled {
 		log.Info().Msg("Index directory: " + filepath.Join(homePath, config.C.IndexDirname))
 		index.Init(filepath.Join(homePath, config.C.IndexDirname))
 	}
 }
 func shutdown() {
 	log.Info().Msg("Shutting down database...")
 	if err := db.Close(); err != nil {
 		log.Error().Err(err).Msg("Failed to close database")
 	}
 	if config.C.IndexEnabled {
 		log.Info().Msg("Shutting down index...")
 		index.Close()
 	}
 	log.Info().Msg("Shutdown complete")
 }
 func createSymlink(homePath string, configPath string) error {
 	if err := os.MkdirAll(filepath.Join(homePath, "symlinks"), 0755); err != nil {
 		return err
 	}
 	exePath, err := os.Executable()
 	if err != nil {
 		return err
 	}
 	symlinkExePath := path.Join(config.GetHomeDir(), "symlinks", "opengist")
 	if _, err := os.Lstat(symlinkExePath); err == nil {
 		if err := os.Remove(symlinkExePath); err != nil {
 			return err
 		}
 	}
 	if err = os.Symlink(exePath, symlinkExePath); err != nil {
 		return err
 	}
 	if configPath == "" {
 		return nil
 	}
 	configPath, _ = filepath.Abs(configPath)
 	configPath = filepath.Clean(configPath)
 	symlinkConfigPath := path.Join(config.GetHomeDir(), "symlinks", "config.yml")
 	if _, err := os.Lstat(symlinkConfigPath); err == nil {
 		if err := os.Remove(symlinkConfigPath); err != nil {
 			return err
 		}
 	}
 	if err = os.Symlink(configPath, symlinkConfigPath); err != nil {
 		return err
 	}
 	return nil
 }
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -2,38 +2,51 @@ package config
 import (
 	"fmt"
 	"github.com/thomiceli/opengist/internal/session"
 	"io"
 	"net/url"
 	"os"
 	"path/filepath"
 	"reflect"
 	"slices"
 	"strconv"
 	"strings"
 	"time"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/utils"
 	"gopkg.in/yaml.v3"
 )
-var OpengistVersion = "1.4.1"
+var OpengistVersion = ""
 var C *config
 var SecretKey []byte
 // Not using nested structs because the library
 // doesn't support dot notation in this case sadly
 type config struct {
 	SecretKey string `yaml:"secret-key" env:"OG_SECRET_KEY"`
 	LogLevel     string `yaml:"log-level" env:"OG_LOG_LEVEL"`
 	LogOutput    string `yaml:"log-output" env:"OG_LOG_OUTPUT"`
 	ExternalUrl  string `yaml:"external-url" env:"OG_EXTERNAL_URL"`
 	OpengistHome string `yaml:"opengist-home" env:"OG_OPENGIST_HOME"`
-	DBFilename   string `yaml:"db-filename" env:"OG_DB_FILENAME"`
+
 	DBUri      string `yaml:"db-uri" env:"OG_DB_URI"`
 	DBFilename string `yaml:"db-filename" env:"OG_DB_FILENAME"` // deprecated
 	IndexEnabled bool   `yaml:"index.enabled" env:"OG_INDEX_ENABLED"`
 	IndexDirname string `yaml:"index.dirname" env:"OG_INDEX_DIRNAME"`
 	GitDefaultBranch string `yaml:"git.default-branch" env:"OG_GIT_DEFAULT_BRANCH"`
 	SqliteJournalMode string `yaml:"sqlite.journal-mode" env:"OG_SQLITE_JOURNAL_MODE"`
-	HttpHost       string `yaml:"http.host" env:"OG_HTTP_HOST"`
+	HttpHost string `yaml:"http.host" env:"OG_HTTP_HOST"`
-	HttpPort       string `yaml:"http.port" env:"OG_HTTP_PORT"`
+	HttpPort string `yaml:"http.port" env:"OG_HTTP_PORT"`
-	HttpGit        bool   `yaml:"http.git-enabled" env:"OG_HTTP_GIT_ENABLED"`
+	HttpGit  bool   `yaml:"http.git-enabled" env:"OG_HTTP_GIT_ENABLED"`
 	HttpTLSEnabled bool   `yaml:"http.tls-enabled" env:"OG_HTTP_TLS_ENABLED"`
 	HttpCertFile   string `yaml:"http.cert-file" env:"OG_HTTP_CERT_FILE"`
 	HttpKeyFile    string `yaml:"http.key-file" env:"OG_HTTP_KEY_FILE"`
 	SshGit            bool   `yaml:"ssh.git-enabled" env:"OG_SSH_GIT_ENABLED"`
 	SshHost           string `yaml:"ssh.host" env:"OG_SSH_HOST"`
@@ -44,56 +57,99 @@ type config struct {
 	GithubClientKey string `yaml:"github.client-key" env:"OG_GITHUB_CLIENT_KEY"`
 	GithubSecret    string `yaml:"github.secret" env:"OG_GITHUB_SECRET"`
 	GitlabClientKey string `yaml:"gitlab.client-key" env:"OG_GITLAB_CLIENT_KEY"`
 	GitlabSecret    string `yaml:"gitlab.secret" env:"OG_GITLAB_SECRET"`
 	GitlabUrl       string `yaml:"gitlab.url" env:"OG_GITLAB_URL"`
 	GitlabName      string `yaml:"gitlab.name" env:"OG_GITLAB_NAME"`
 	GiteaClientKey string `yaml:"gitea.client-key" env:"OG_GITEA_CLIENT_KEY"`
 	GiteaSecret    string `yaml:"gitea.secret" env:"OG_GITEA_SECRET"`
 	GiteaUrl       string `yaml:"gitea.url" env:"OG_GITEA_URL"`
 	GiteaName      string `yaml:"gitea.name" env:"OG_GITEA_NAME"`
 	OIDCClientKey    string `yaml:"oidc.client-key" env:"OG_OIDC_CLIENT_KEY"`
 	OIDCSecret       string `yaml:"oidc.secret" env:"OG_OIDC_SECRET"`
 	OIDCDiscoveryUrl string `yaml:"oidc.discovery-url" env:"OG_OIDC_DISCOVERY_URL"`
 	CustomName    string       `yaml:"custom.name" env:"OG_CUSTOM_NAME"`
 	CustomLogo    string       `yaml:"custom.logo" env:"OG_CUSTOM_LOGO"`
 	CustomFavicon string       `yaml:"custom.favicon" env:"OG_CUSTOM_FAVICON"`
 	StaticLinks   []StaticLink `yaml:"custom.static-links" env:"OG_CUSTOM_STATIC_LINK"`
 }
 type StaticLink struct {
 	Name string `yaml:"name" env:"OG_CUSTOM_STATIC_LINK_#_NAME"`
 	Path string `yaml:"path" env:"OG_CUSTOM_STATIC_LINK_#_PATH"`
 }
 func configWithDefaults() (*config, error) {
 	homeDir, err := os.UserHomeDir()
 	c := &config{}
-	if err != nil {
+
-		return c, err
+	c.SecretKey = ""
 	}
 	c.LogLevel = "warn"
-	c.OpengistHome = filepath.Join(homeDir, ".opengist")
+	c.LogOutput = "stdout,file"
-	c.DBFilename = "opengist.db"
+	c.OpengistHome = ""
 	c.DBUri = "opengist.db"
 	c.IndexEnabled = true
 	c.IndexDirname = "opengist.index"
 	c.SqliteJournalMode = "WAL"
 	c.HttpHost = "0.0.0.0"
 	c.HttpPort = "6157"
 	c.HttpGit = true
 	c.HttpTLSEnabled = false
 	c.SshGit = true
 	c.SshHost = "0.0.0.0"
 	c.SshPort = "2222"
 	c.SshKeygen = "ssh-keygen"
-	c.GiteaUrl = "http://gitea.com"
+	c.GitlabName = "GitLab"
 	c.GiteaUrl = "https://gitea.com"
 	c.GiteaName = "Gitea"
 	return c, nil
 }
-func InitConfig(configPath string) error {
+func InitConfig(configPath string, out io.Writer) error {
 	// Default values
 	c, err := configWithDefaults()
 	if err != nil {
 		return err
 	}
-	if err = loadConfigFromYaml(c, configPath); err != nil {
+	if err = loadConfigFromYaml(c, configPath, out); err != nil {
 		return err
 	}
-	if err = loadConfigFromEnv(c); err != nil {
+	if err = loadConfigFromEnv(c, out); err != nil {
 		return err
 	}
 	if c.OpengistHome == "" {
 		homeDir, err := os.UserHomeDir()
 		if err != nil {
 			return fmt.Errorf("opengist home directory is not set and current user home directory could not be determined; please specify the opengist home directory manually via the configuration")
 		}
 		c.OpengistHome = filepath.Join(homeDir, ".opengist")
 	}
 	if err = checks(c); err != nil {
 		return err
 	}
 	C = c
 	if err = migrateConfig(); err != nil {
 		return err
 	}
 	if err = os.Setenv("OG_OPENGIST_HOME_INTERNAL", GetHomeDir()); err != nil {
 		return err
 	}
 	return nil
 }
@@ -101,21 +157,61 @@ func InitLog() {
 	if err := os.MkdirAll(filepath.Join(GetHomeDir(), "log"), 0755); err != nil {
 		panic(err)
 	}
 	file, err := os.OpenFile(filepath.Join(GetHomeDir(), "log", "opengist.log"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 	if err != nil {
 		panic(err)
 	}
 	var level zerolog.Level
-	level, err = zerolog.ParseLevel(C.LogLevel)
+	level, err := zerolog.ParseLevel(C.LogLevel)
 	if err != nil {
 		level = zerolog.InfoLevel
 	}
-	multi := zerolog.MultiLevelWriter(zerolog.NewConsoleWriter(), file)
+	var logWriters []io.Writer
-	log.Logger = zerolog.New(multi).Level(level).With().Timestamp().Logger()
+	logOutputTypes := strings.Split(strings.ToLower(C.LogOutput), ",")
 	slices.Sort(logOutputTypes)
 	logOutputTypes = slices.Compact(logOutputTypes)
-	if !utils.SliceContains([]string{"trace", "debug", "info", "warn", "error", "fatal", "panic"}, strings.ToLower(C.LogLevel)) {
+	consoleWriter := zerolog.NewConsoleWriter(
 		func(w *zerolog.ConsoleWriter) {
 			w.TimeFormat = time.TimeOnly
 			w.FormatCaller = func(i interface{}) string {
 				file := i.(string)
 				index := strings.Index(file, "internal")
 				if index == -1 {
 					return file
 				}
 				return file[index:]
 			}
 		},
 	)
 	for _, logOutputType := range logOutputTypes {
 		logOutputType = strings.TrimSpace(logOutputType)
 		if !slices.Contains([]string{"stdout", "file"}, logOutputType) {
 			defer func() { log.Warn().Msg("Invalid log output type: " + logOutputType) }()
 			continue
 		}
 		switch logOutputType {
 		case "stdout":
 			logWriters = append(logWriters, consoleWriter)
 			defer func() { log.Debug().Msg("Logging to stdout") }()
 		case "file":
 			file, err := os.OpenFile(filepath.Join(GetHomeDir(), "log", "opengist.log"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 			if err != nil {
 				panic(err)
 			}
 			logWriters = append(logWriters, file)
 			defer func() { log.Debug().Msg("Logging to file: " + file.Name()) }()
 		}
 	}
 	if len(logWriters) == 0 {
 		logWriters = append(logWriters, consoleWriter)
 		defer func() { log.Warn().Msg("No valid log outputs, defaulting to stdout") }()
 	}
 	multi := zerolog.MultiLevelWriter(logWriters...)
 	log.Logger = zerolog.New(multi).Level(level).With().Caller().Timestamp().Logger()
 	if !slices.Contains([]string{"debug", "info", "warn", "error", "fatal"}, strings.ToLower(C.LogLevel)) {
 		log.Warn().Msg("Invalid log level: " + C.LogLevel)
 	}
 }
@@ -134,8 +230,8 @@ func CheckGitVersion(version string) (bool, error) {
 		return false, fmt.Errorf("invalid minor version number")
 	}
-	// Check if version is prior to 2.20
+	// Check if version is prior to 2.28
-	if major < 2 || (major == 2 && minor < 20) {
+	if major < 2 || (major == 2 && minor < 28) {
 		return false, nil
 	}
 	return true, nil
@@ -146,7 +242,16 @@ func GetHomeDir() string {
 	return filepath.Clean(absolutePath)
 }
-func loadConfigFromYaml(c *config, configPath string) error {
+func SetupSecretKey() {
 	if C.SecretKey == "" {
 		path := filepath.Join(GetHomeDir(), "opengist-secret.key")
 		SecretKey, _ = session.GenerateSecretKey(path)
 	} else {
 		SecretKey = []byte(C.SecretKey)
 	}
 }
 func loadConfigFromYaml(c *config, configPath string, out io.Writer) error {
 	if configPath != "" {
 		absolutePath, _ := filepath.Abs(configPath)
 		absolutePath = filepath.Clean(absolutePath)
@@ -155,9 +260,9 @@ func loadConfigFromYaml(c *config, configPath string) error {
 			if !os.IsNotExist(err) {
 				return err
 			}
-			fmt.Println("No YAML config file found at " + absolutePath)
+			_, _ = fmt.Fprintln(out, "No YAML config file found at "+absolutePath)
 		} else {
-			fmt.Println("Using YAML config file: " + absolutePath)
+			_, _ = fmt.Fprintln(out, "Using YAML config file: "+absolutePath)
 			// Override default values with values from config.yml
 			d := yaml.NewDecoder(file)
@@ -167,24 +272,13 @@ func loadConfigFromYaml(c *config, configPath string) error {
 			defer file.Close()
 		}
 	} else {
-		fmt.Println("No YAML config file specified.")
+		_, _ = fmt.Fprintln(out, "No YAML config file specified.")
 	}
 	// Override default values with environment variables (as yaml)
 	configEnv := os.Getenv("CONFIG")
 	if configEnv != "" {
 		fmt.Println("Using config from environment variable: CONFIG")
 		fmt.Println("!! This method of setting the config is deprecated and will be removed in a future version of Opengist")
 		d := yaml.NewDecoder(strings.NewReader(configEnv))
 		if err := d.Decode(&c); err != nil {
 			return err
 		}
 	}
 	return nil
 }
-func loadConfigFromEnv(c *config) error {
+func loadConfigFromEnv(c *config, out io.Writer) error {
 	v := reflect.ValueOf(c).Elem()
 	var envVars []string
@@ -196,28 +290,85 @@ func loadConfigFromEnv(c *config) error {
 		}
 		envValue := os.Getenv(strings.ToUpper(tag))
-		if envValue == "" {
+		if envValue == "" && v.Field(i).Kind() != reflect.Slice {
 			continue
 		}
 		switch v.Field(i).Kind() {
 		case reflect.String:
 			v.Field(i).SetString(envValue)
 			envVars = append(envVars, tag)
 		case reflect.Bool:
 			boolVal, err := strconv.ParseBool(envValue)
 			if err != nil {
 				return err
 			}
 			v.Field(i).SetBool(boolVal)
 			envVars = append(envVars, tag)
 		case reflect.Slice:
 			if v.Type().Field(i).Type.Elem().Kind() == reflect.Struct {
 				prefix := strings.ToUpper(tag) + "_"
 				var sliceValue reflect.Value
 				elemType := v.Type().Field(i).Type.Elem()
 				for index := 0; ; index++ {
 					allFieldsPresent := true
 					elemValue := reflect.New(elemType).Elem()
 					for j := 0; j < elemValue.NumField() && allFieldsPresent; j++ {
 						elemField := elemValue.Type().Field(j)
 						envName := fmt.Sprintf("%s%d_%s", prefix, index, strings.ToUpper(elemField.Name))
 						envValue, present := os.LookupEnv(envName)
 						if !present {
 							allFieldsPresent = false
 							break
 						}
 						envVars = append(envVars, envName)
 						elemValue.Field(j).SetString(envValue)
 					}
 					if !allFieldsPresent {
 						break
 					}
 					if sliceValue.Kind() != reflect.Slice {
 						sliceValue = reflect.MakeSlice(v.Type().Field(i).Type, 0, index+1)
 					}
 					sliceValue = reflect.Append(sliceValue, elemValue)
 				}
 				if sliceValue.IsValid() {
 					v.Field(i).Set(sliceValue)
 				}
 			}
 		default:
 			return fmt.Errorf("unsupported type: %s", v.Field(i).Kind())
 		}
 		envVars = append(envVars, tag)
 	}
 	if len(envVars) > 0 {
-		fmt.Println("Using environment variables config: " + strings.Join(envVars, ", "))
+		_, _ = fmt.Fprintln(out, "Using environment variables config: "+strings.Join(envVars, ", "))
 	} else {
-		fmt.Println("No environment variables config specified.")
+		_, _ = fmt.Fprintln(out, "No environment variables config specified.")
 	}
 	return nil
 }
 func checks(c *config) error {
 	if _, err := url.Parse(c.ExternalUrl); err != nil {
 		return err
 	}
 	if _, err := url.Parse(c.GiteaUrl); err != nil {
 		return err
 	}
 	if _, err := url.Parse(c.OIDCDiscoveryUrl); err != nil {
 		return err
 	}
 	return nil
--- a/internal/config/migrate.go
+++ b/internal/config/migrate.go
@@ -0,0 +1,42 @@
 package config
 import (
 	"fmt"
 	"os"
 	"path/filepath"
 )
 // auto migration for newer versions of Opengist
 func migrateConfig() error {
 	configMigrations := []struct {
 		Version string
 		Func    func() error
 	}{
 		{"1.8.0", v1_8_0},
 	}
 	for _, fn := range configMigrations {
 		err := fn.Func()
 		if err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func v1_8_0() error {
 	homeDir := GetHomeDir()
 	moveFile(filepath.Join(filepath.Join(homeDir, "sessions"), "session-auth.key"), filepath.Join(homeDir, "opengist-secret.key"))
 	return nil
 }
 func moveFile(oldPath, newPath string) {
 	if _, err := os.Stat(oldPath); err != nil {
 		return
 	}
 	if err := os.Rename(oldPath, newPath); err == nil {
 		fmt.Printf("Automatically moved %s to %s\n", oldPath, newPath)
 	}
 }
--- a/internal/models/admin_setting.go
+++ b/internal/models/admin_setting.go
@@ -1,24 +1,31 @@
-package models
+package db
 import (
 	"gorm.io/gorm/clause"
 )
 type AdminSetting struct {
-	Key   string `gorm:"uniqueIndex"`
+	Key   string `gorm:"index:,unique"`
 	Value string
 }
 const (
-	SettingDisableSignup    = "disable-signup"
+	SettingDisableSignup          = "disable-signup"
-	SettingRequireLogin     = "require-login"
+	SettingRequireLogin           = "require-login"
-	SettingDisableLoginForm = "disable-login-form"
+	SettingAllowGistsWithoutLogin = "allow-gists-without-login"
-	SettingDisableGravatar  = "disable-gravatar"
+	SettingDisableLoginForm       = "disable-login-form"
 	SettingDisableGravatar        = "disable-gravatar"
 )
 func GetSetting(key string) (string, error) {
 	var setting AdminSetting
-	err := db.Where("key = ?", key).First(&setting).Error
+	var err error
 	switch db.Dialector.Name() {
 	case "mysql", "sqlite":
 		err = db.Where("`key` = ?", key).First(&setting).Error
 	case "postgres":
 		err = db.Where("key = ?", key).First(&setting).Error
 	}
 	return setting.Value, err
 }
@@ -48,7 +55,7 @@ func UpdateSetting(key string, value string) error {
 }
 func setSetting(key string, value string) error {
-	return db.Create(&AdminSetting{Key: key, Value: value}).Error
+	return db.FirstOrCreate(&AdminSetting{Key: key, Value: value}, &AdminSetting{Key: key}).Error
 }
 func initAdminSettings(settings map[string]string) error {
@@ -62,3 +69,21 @@ func initAdminSettings(settings map[string]string) error {
 	return nil
 }
 type AuthInfo struct{}
 func (auth AuthInfo) RequireLogin() (bool, error) {
 	s, err := GetSetting(SettingRequireLogin)
 	if err != nil {
 		return true, err
 	}
 	return s == "1", nil
 }
 func (auth AuthInfo) AllowGistsWithoutLogin() (bool, error) {
 	s, err := GetSetting(SettingAllowGistsWithoutLogin)
 	if err != nil {
 		return false, err
 	}
 	return s == "1", nil
 }
--- a/internal/db/db.go
+++ b/internal/db/db.go
@@ -0,0 +1,262 @@
 package db
 import (
 	"errors"
 	"fmt"
 	"github.com/glebarez/sqlite"
 	"gorm.io/driver/mysql"
 	"gorm.io/driver/postgres"
 	"gorm.io/gorm/logger"
 	"net/url"
 	"path/filepath"
 	"slices"
 	"strings"
 	"time"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 	"gorm.io/gorm"
 )
 var db *gorm.DB
 const (
 	SQLite databaseType = iota
 	PostgreSQL
 	MySQL
 )
 type databaseType int
 func (d databaseType) String() string {
 	return [...]string{"SQLite", "PostgreSQL", "MySQL"}[d]
 }
 type databaseInfo struct {
 	Type     databaseType
 	Host     string
 	Port     string
 	User     string
 	Password string
 	Database string
 }
 var DatabaseInfo *databaseInfo
 func parseDBURI(uri string) (*databaseInfo, error) {
 	info := &databaseInfo{}
 	if uri == ":memory:" {
 		info.Type = SQLite
 		info.Database = uri
 		return info, nil
 	}
 	u, err := url.Parse(uri)
 	if err != nil {
 		return nil, fmt.Errorf("invalid URI: %v", err)
 	}
 	if u.Scheme == "" {
 		info.Type = SQLite
 		info.Database = filepath.Join(config.GetHomeDir(), uri)
 		return info, nil
 	}
 	switch u.Scheme {
 	case "postgres", "postgresql":
 		info.Type = PostgreSQL
 	case "mysql", "mariadb":
 		info.Type = MySQL
 	case "file":
 		info.Type = SQLite
 	default:
 		return nil, fmt.Errorf("unknown database: %v", err)
 	}
 	if u.Host != "" {
 		host, port, _ := strings.Cut(u.Host, ":")
 		info.Host = host
 		info.Port = port
 	}
 	if u.User != nil {
 		info.User = u.User.Username()
 		info.Password, _ = u.User.Password()
 	}
 	switch info.Type {
 	case PostgreSQL, MySQL:
 		info.Database = strings.TrimPrefix(u.Path, "/")
 	case SQLite:
 		info.Database = u.String()
 	default:
 		return nil, fmt.Errorf("unknown database: %v", err)
 	}
 	return info, nil
 }
 func Setup(dbUri string) error {
 	dbInfo, err := parseDBURI(dbUri)
 	if err != nil {
 		return err
 	}
 	log.Info().Msgf("Setting up a %s database connection", dbInfo.Type)
 	var setupFunc func(databaseInfo) error
 	switch dbInfo.Type {
 	case SQLite:
 		setupFunc = setupSQLite
 	case PostgreSQL:
 		setupFunc = setupPostgres
 	case MySQL:
 		setupFunc = setupMySQL
 	default:
 		return fmt.Errorf("unknown database type: %v", dbInfo.Type)
 	}
 	maxAttempts := 60
 	retryInterval := 1 * time.Second
 	for attempt := 1; attempt <= maxAttempts; attempt++ {
 		err = setupFunc(*dbInfo)
 		if err == nil {
 			log.Info().Msg("Database connection established")
 			break
 		}
 		if attempt < maxAttempts {
 			log.Warn().Err(err).Msgf("Failed to connect to database (attempt %d), retrying in %v...", attempt, retryInterval)
 			time.Sleep(retryInterval)
 		} else {
 			return err
 		}
 	}
 	DatabaseInfo = dbInfo
 	if err = db.SetupJoinTable(&Gist{}, "Likes", &Like{}); err != nil {
 		return err
 	}
 	if err = db.SetupJoinTable(&User{}, "Liked", &Like{}); err != nil {
 		return err
 	}
 	if err = db.AutoMigrate(&User{}, &Gist{}, &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{}, &GistTopic{}, &GistLanguage{}); err != nil {
 		return err
 	}
 	if err = applyMigrations(dbInfo); err != nil {
 		return err
 	}
 	// Default admin setting values
 	return initAdminSettings(map[string]string{
 		SettingDisableSignup:          "0",
 		SettingRequireLogin:           "0",
 		SettingAllowGistsWithoutLogin: "0",
 		SettingDisableLoginForm:       "0",
 		SettingDisableGravatar:        "0",
 	})
 }
 func Close() error {
 	sqlDB, err := db.DB()
 	if err != nil {
 		return err
 	}
 	return sqlDB.Close()
 }
 func CountAll(table interface{}) (int64, error) {
 	var count int64
 	err := db.Model(table).Count(&count).Error
 	return count, err
 }
 func IsUniqueConstraintViolation(err error) bool {
 	return errors.Is(err, gorm.ErrDuplicatedKey)
 }
 func Ping() error {
 	sql, err := db.DB()
 	if err != nil {
 		return err
 	}
 	return sql.Ping()
 }
 func setupSQLite(dbInfo databaseInfo) error {
 	var err error
 	var dsn string
 	journalMode := strings.ToUpper(config.C.SqliteJournalMode)
 	if !slices.Contains([]string{"DELETE", "TRUNCATE", "PERSIST", "MEMORY", "WAL", "OFF"}, journalMode) {
 		log.Warn().Msg("Invalid SQLite journal mode: " + journalMode)
 	}
 	if dbInfo.Database == ":memory:" {
 		dsn = ":memory:?_fk=true&cache=shared"
 	} else {
 		u, err := url.Parse(dbInfo.Database)
 		if err != nil {
 			return err
 		}
 		u.Scheme = "file"
 		q := u.Query()
 		q.Set("_pragma", "foreign_keys(1)")
 		q.Set("_journal_mode", journalMode)
 		u.RawQuery = q.Encode()
 		dsn = u.String()
 	}
 	db, err = gorm.Open(sqlite.Open(dsn), &gorm.Config{
 		Logger:         logger.Default.LogMode(logger.Silent),
 		TranslateError: true,
 	})
 	return err
 }
 func setupPostgres(dbInfo databaseInfo) error {
 	var err error
 	dsn := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=disable", dbInfo.Host, dbInfo.Port, dbInfo.User, dbInfo.Password, dbInfo.Database)
 	db, err = gorm.Open(postgres.Open(dsn), &gorm.Config{
 		Logger:         logger.Default.LogMode(logger.Silent),
 		TranslateError: true,
 	})
 	return err
 }
 func setupMySQL(dbInfo databaseInfo) error {
 	var err error
 	dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s?charset=utf8mb4&parseTime=True&loc=Local", dbInfo.User, dbInfo.Password, dbInfo.Host, dbInfo.Port, dbInfo.Database)
 	db, err = gorm.Open(mysql.New(mysql.Config{
 		DSN:                    dsn,
 		DontSupportRenameIndex: true,
 	}), &gorm.Config{
 		Logger:         logger.Default.LogMode(logger.Silent),
 		TranslateError: true,
 	})
 	return err
 }
 func DeprecationDBFilename() {
 	if config.C.DBFilename != "" {
 		log.Warn().Msg("The 'db-filename'/'OG_DB_FILENAME' configuration option is deprecated and will be removed in a future version. Please use 'db-uri'/'OG_DB_URI' instead.")
 	}
 	if config.C.DBUri == "" {
 		config.C.DBUri = config.C.DBFilename
 	}
 }
 func TruncateDatabase() error {
 	return db.Migrator().DropTable("likes", &User{}, "gists", &SSHKey{}, &AdminSetting{}, &Invitation{}, &WebAuthnCredential{}, &TOTP{}, &GistTopic{}, &GistLanguage{})
 }
--- a/internal/db/gist.go
+++ b/internal/db/gist.go
@@ -0,0 +1,841 @@
 package db
 import (
 	"bytes"
 	"encoding/gob"
 	"fmt"
 	"os/exec"
 	"path/filepath"
 	"slices"
 	"strings"
 	"time"
 	"github.com/alecthomas/chroma/v2"
 	"github.com/alecthomas/chroma/v2/lexers"
 	"github.com/dustin/go-humanize"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/git"
 	"github.com/thomiceli/opengist/internal/index"
 	"gorm.io/gorm"
 )
 type Visibility int
 const (
 	PublicVisibility Visibility = iota
 	UnlistedVisibility
 	PrivateVisibility
 )
 func (v Visibility) String() string {
 	switch v {
 	case PublicVisibility:
 		return "public"
 	case UnlistedVisibility:
 		return "unlisted"
 	case PrivateVisibility:
 		return "private"
 	default:
 		return "???"
 	}
 }
 func (v Visibility) Next() Visibility {
 	switch v {
 	case PublicVisibility:
 		return UnlistedVisibility
 	case UnlistedVisibility:
 		return PrivateVisibility
 	default:
 		return PublicVisibility
 	}
 }
 func ParseVisibility[T string | int](v T) Visibility {
 	switch s := fmt.Sprint(v); s {
 	case "0", "public":
 		return PublicVisibility
 	case "1", "unlisted":
 		return UnlistedVisibility
 	case "2", "private":
 		return PrivateVisibility
 	default:
 		return PublicVisibility
 	}
 }
 type Gist struct {
 	ID              uint `gorm:"primaryKey"`
 	Uuid            string
 	Title           string
 	URL             string
 	Preview         string
 	PreviewFilename string
 	Description     string
 	Private         Visibility // 0: public, 1: unlisted, 2: private
 	UserID          uint
 	User            User
 	NbFiles         int
 	NbLikes         int
 	NbForks         int
 	CreatedAt       int64
 	UpdatedAt       int64
 	Likes    []User `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
 	Forked   *Gist  `gorm:"foreignKey:ForkedID;constraint:OnUpdate:CASCADE,OnDelete:SET NULL"`
 	ForkedID uint
 	Topics    []GistTopic    `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
 	Languages []GistLanguage `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
 }
 type Like struct {
 	UserID    uint `gorm:"primaryKey"`
 	GistID    uint `gorm:"primaryKey"`
 	CreatedAt int64
 }
 func (gist *Gist) BeforeDelete(tx *gorm.DB) error {
 	// Decrement fork counter if the gist was forked
 	err := tx.Model(&Gist{}).
 		Omit("updated_at").
 		Where("id = ?", gist.ForkedID).
 		UpdateColumn("nb_forks", gorm.Expr("nb_forks - 1")).Error
 	return err
 }
 func GetGist(user string, gistUuid string) (*Gist, error) {
 	gist := new(Gist)
 	err := db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("(gists.uuid like ? OR gists.url = ?) AND users.username like ?", gistUuid+"%", gistUuid, user).
 		Joins("join users on gists.user_id = users.id").
 		First(&gist).Error
 	return gist, err
 }
 func GetGistByID(gistId string) (*Gist, error) {
 	gist := new(Gist)
 	err := db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("gists.id = ?", gistId).
 		First(&gist).Error
 	return gist, err
 }
 func GetAllGistsForCurrentUser(currentUserId uint, offset int, sort string, order string) ([]*Gist, error) {
 	var gists []*Gist
 	err := db.Preload("User").
 		Preload("Forked.User").
 		Preload("Topics").
 		Where("gists.private = 0 or gists.user_id = ?", currentUserId).
 		Limit(11).
 		Offset(offset * 10).
 		Order(sort + "_at " + order).
 		Find(&gists).Error
 	return gists, err
 }
 func GetAllGists(offset int) ([]*Gist, error) {
 	var gists []*Gist
 	err := db.Preload("User").
 		Limit(11).
 		Offset(offset * 10).
 		Order("id asc").
 		Find(&gists).Error
 	return gists, err
 }
 func GetAllGistsFromSearch(currentUserId uint, query string, offset int, sort string, order string, topic string) ([]*Gist, error) {
 	var gists []*Gist
 	tx := db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
 		Where("gists.title like ? or gists.description like ?", "%"+query+"%", "%"+query+"%")
 	if topic != "" {
 		tx = tx.Joins("join gist_topics on gists.id = gist_topics.gist_id").
 			Where("gist_topics.topic = ?", topic)
 	}
 	err := tx.Limit(11).
 		Offset(offset * 10).
 		Order("gists." + sort + "_at " + order).
 		Find(&gists).Error
 	return gists, err
 }
 func gistsFromUserStatement(fromUserId uint, currentUserId uint) *gorm.DB {
 	return db.
 		Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
 		Where("users.id = ?", fromUserId).
 		Joins("join users on gists.user_id = users.id")
 }
 func gistsFromUserStatementWithPreloads(fromUserId uint, currentUserId uint) *gorm.DB {
 	return db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
 		Where("users.id = ?", fromUserId).
 		Joins("join users on gists.user_id = users.id")
 }
 func GetAllGistsFromUser(fromUserId uint, currentUserId uint, title string, language string, visibility string, topics []string, offset int, sort string, order string) ([]*Gist, int64, error) {
 	var gists []*Gist
 	var count int64
 	baseQuery := gistsFromUserStatementWithPreloads(fromUserId, currentUserId).Model(&Gist{})
 	if title != "" {
 		baseQuery = baseQuery.Where("gists.title like ?", "%"+title+"%")
 	}
 	if language != "" {
 		baseQuery = baseQuery.Joins("join gist_languages on gists.id = gist_languages.gist_id").
 			Where("gist_languages.language = ?", language)
 	}
 	if visibility != "" {
 		baseQuery = baseQuery.Where("gists.private = ?", ParseVisibility(visibility))
 	}
 	if len(topics) > 0 {
 		baseQuery = baseQuery.Joins("join gist_topics on gists.id = gist_topics.gist_id").
 			Where("gist_topics.topic in ?", topics)
 	}
 	err := baseQuery.Count(&count).Error
 	if err != nil {
 		return nil, 0, err
 	}
 	err = baseQuery.Limit(11).
 		Offset(offset * 10).
 		Order("gists." + sort + "_at " + order).
 		Find(&gists).Error
 	return gists, count, err
 }
 func CountAllGistsFromUser(fromUserId uint, currentUserId uint) (int64, error) {
 	var count int64
 	err := gistsFromUserStatementWithPreloads(fromUserId, currentUserId).Model(&Gist{}).Count(&count).Error
 	return count, err
 }
 func likedStatement(fromUserId uint, currentUserId uint) *gorm.DB {
 	return db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
 		Where("likes.user_id = ?", fromUserId).
 		Joins("join likes on gists.id = likes.gist_id").
 		Joins("join users on likes.user_id = users.id")
 }
 func GetAllGistsLikedByUser(fromUserId uint, currentUserId uint, offset int, sort string, order string) ([]*Gist, error) {
 	var gists []*Gist
 	err := likedStatement(fromUserId, currentUserId).Limit(11).
 		Offset(offset * 10).
 		Order("gists." + sort + "_at " + order).
 		Find(&gists).Error
 	return gists, err
 }
 func CountAllGistsLikedByUser(fromUserId uint, currentUserId uint) (int64, error) {
 	var count int64
 	err := likedStatement(fromUserId, currentUserId).Model(&Gist{}).Count(&count).Error
 	return count, err
 }
 func forkedStatement(fromUserId uint, currentUserId uint) *gorm.DB {
 	return db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("gists.forked_id is not null and ((gists.private = 0) or (gists.private > 0 and gists.user_id = ?))", currentUserId).
 		Where("gists.user_id = ?", fromUserId).
 		Joins("join users on gists.user_id = users.id")
 }
 func GetAllGistsForkedByUser(fromUserId uint, currentUserId uint, offset int, sort string, order string) ([]*Gist, error) {
 	var gists []*Gist
 	err := forkedStatement(fromUserId, currentUserId).Limit(11).
 		Offset(offset * 10).
 		Order("gists." + sort + "_at " + order).
 		Find(&gists).Error
 	return gists, err
 }
 func CountAllGistsForkedByUser(fromUserId uint, currentUserId uint) (int64, error) {
 	var count int64
 	err := forkedStatement(fromUserId, currentUserId).Model(&Gist{}).Count(&count).Error
 	return count, err
 }
 func GetAllGistsRows() ([]*Gist, error) {
 	var gists []*Gist
 	err := db.Table("gists").
 		Preload("User").
 		Find(&gists).Error
 	return gists, err
 }
 func GetAllGistsVisibleByUser(userId uint) ([]uint, error) {
 	var gists []uint
 	err := db.Table("gists").
 		Where("gists.private = 0 or gists.user_id = ?", userId).
 		Pluck("gists.id", &gists).Error
 	return gists, err
 }
 func GetAllGistsByIds(ids []uint) ([]*Gist, error) {
 	var gists []*Gist
 	err := db.Preload("User").Preload("Forked.User").Preload("Topics").
 		Where("id in ?", ids).
 		Find(&gists).Error
 	// keep order
 	ordered := make([]*Gist, 0, len(ids))
 	for _, wantedId := range ids {
 		for _, gist := range gists {
 			if gist.ID == wantedId {
 				ordered = append(ordered, gist)
 				break
 			}
 		}
 	}
 	return ordered, err
 }
 func (gist *Gist) Create() error {
 	// avoids foreign key constraint error because the default value in the struct is 0
 	return db.Omit("forked_id").Create(&gist).Error
 }
 func (gist *Gist) CreateForked() error {
 	return db.Create(&gist).Error
 }
 func (gist *Gist) Update() error {
 	// reset the topics
 	err := db.Model(&GistTopic{}).Where("gist_id = ?", gist.ID).Delete(&GistTopic{}).Error
 	if err != nil {
 		return err
 	}
 	return db.Omit("forked_id").Save(&gist).Error
 }
 func (gist *Gist) UpdateNoTimestamps() error {
 	return db.Omit("forked_id", "updated_at").Save(&gist).Error
 }
 func (gist *Gist) Delete() error {
 	err := gist.DeleteRepository()
 	if err != nil {
 		return err
 	}
 	return db.Delete(&gist).Error
 }
 func (gist *Gist) SetLastActiveNow() error {
 	return db.Model(&Gist{}).
 		Where("id = ?", gist.ID).
 		Update("updated_at", time.Now().Unix()).Error
 }
 func (gist *Gist) AppendUserLike(user *User) error {
 	err := db.Model(&gist).Omit("updated_at").Update("nb_likes", gist.NbLikes+1).Error
 	if err != nil {
 		return err
 	}
 	return db.Model(&gist).Omit("updated_at").Association("Likes").Append(user)
 }
 func (gist *Gist) RemoveUserLike(user *User) error {
 	err := db.Model(&gist).Omit("updated_at").Update("nb_likes", gist.NbLikes-1).Error
 	if err != nil {
 		return err
 	}
 	return db.Model(&gist).Omit("updated_at").Association("Likes").Delete(user)
 }
 func (gist *Gist) IncrementForkCount() error {
 	return db.Model(&gist).Omit("updated_at").Update("nb_forks", gist.NbForks+1).Error
 }
 func (gist *Gist) GetForkParent(user *User) (*Gist, error) {
 	fork := new(Gist)
 	err := db.Preload("User").
 		Where("forked_id = ? and user_id = ?", gist.ID, user.ID).
 		First(&fork).Error
 	return fork, err
 }
 func (gist *Gist) GetUsersLikes(offset int) ([]*User, error) {
 	var users []*User
 	err := db.Model(&gist).
 		Where("gist_id = ?", gist.ID).
 		Limit(31).
 		Offset(offset * 30).
 		Association("Likes").Find(&users)
 	return users, err
 }
 func (gist *Gist) GetForks(currentUserId uint, offset int) ([]*Gist, error) {
 	var gists []*Gist
 	err := db.Model(&gist).Preload("User").
 		Where("forked_id = ?", gist.ID).
 		Where("(gists.private = 0) or (gists.private > 0 and gists.user_id = ?)", currentUserId).
 		Limit(11).
 		Offset(offset * 10).
 		Order("updated_at desc").
 		Find(&gists).Error
 	return gists, err
 }
 func (gist *Gist) CanWrite(user *User) bool {
 	return !(user == nil) && (gist.UserID == user.ID)
 }
 func (gist *Gist) InitRepository() error {
 	return git.InitRepository(gist.User.Username, gist.Uuid)
 }
 func (gist *Gist) DeleteRepository() error {
 	return git.DeleteRepository(gist.User.Username, gist.Uuid)
 }
 func (gist *Gist) Files(revision string, truncate bool) ([]*git.File, error) {
 	filesCat, err := git.CatFileBatch(gist.User.Username, gist.Uuid, revision, truncate)
 	if err != nil {
 		// if the revision or the file do not exist
 		if exiterr, ok := err.(*exec.ExitError); ok && exiterr.ExitCode() == 128 {
 			return nil, &git.RevisionNotFoundError{}
 		}
 		return nil, err
 	}
 	var files []*git.File
 	for _, fileCat := range filesCat {
 		files = append(files, &git.File{
 			Filename:  fileCat.Name,
 			Size:      fileCat.Size,
 			HumanSize: humanize.IBytes(fileCat.Size),
 			Content:   fileCat.Content,
 			Truncated: fileCat.Truncated,
 		})
 	}
 	return files, err
 }
 func (gist *Gist) File(revision string, filename string, truncate bool) (*git.File, error) {
 	content, truncated, err := git.GetFileContent(gist.User.Username, gist.Uuid, revision, filename, truncate)
 	// if the revision or the file do not exist
 	if exiterr, ok := err.(*exec.ExitError); ok && exiterr.ExitCode() == 128 {
 		return nil, nil
 	}
 	var size uint64
 	size, err = git.GetFileSize(gist.User.Username, gist.Uuid, revision, filename)
 	if err != nil {
 		return nil, err
 	}
 	return &git.File{
 		Filename:  filename,
 		Size:      size,
 		HumanSize: humanize.IBytes(size),
 		Content:   content,
 		Truncated: truncated,
 	}, err
 }
 func (gist *Gist) FileNames(revision string) ([]string, error) {
 	return git.GetFilesOfRepository(gist.User.Username, gist.Uuid, revision)
 }
 func (gist *Gist) Log(skip int) ([]*git.Commit, error) {
 	return git.GetLog(gist.User.Username, gist.Uuid, skip)
 }
 func (gist *Gist) NbCommits() (string, error) {
 	return git.CountCommits(gist.User.Username, gist.Uuid)
 }
 func (gist *Gist) AddAndCommitFiles(files *[]FileDTO) error {
 	if err := git.CloneTmp(gist.User.Username, gist.Uuid, gist.Uuid, gist.User.Email, true); err != nil {
 		return err
 	}
 	for _, file := range *files {
 		if err := git.SetFileContent(gist.Uuid, file.Filename, file.Content); err != nil {
 			return err
 		}
 	}
 	if err := git.AddAll(gist.Uuid); err != nil {
 		return err
 	}
 	if err := git.CommitRepository(gist.Uuid, gist.User.Username, gist.User.Email); err != nil {
 		return err
 	}
 	return git.Push(gist.Uuid)
 }
 func (gist *Gist) AddAndCommitFile(file *FileDTO) error {
 	if err := git.CloneTmp(gist.User.Username, gist.Uuid, gist.Uuid, gist.User.Email, false); err != nil {
 		return err
 	}
 	if err := git.SetFileContent(gist.Uuid, file.Filename, file.Content); err != nil {
 		return err
 	}
 	if err := git.AddAll(gist.Uuid); err != nil {
 		return err
 	}
 	if err := git.CommitRepository(gist.Uuid, gist.User.Username, gist.User.Email); err != nil {
 		return err
 	}
 	return git.Push(gist.Uuid)
 }
 func (gist *Gist) ForkClone(username string, uuid string) error {
 	return git.ForkClone(gist.User.Username, gist.Uuid, username, uuid)
 }
 func (gist *Gist) UpdateServerInfo() error {
 	return git.UpdateServerInfo(gist.User.Username, gist.Uuid)
 }
 func (gist *Gist) RPC(service string) ([]byte, error) {
 	return git.RPC(gist.User.Username, gist.Uuid, service)
 }
 func (gist *Gist) UpdatePreviewAndCount(withTimestampUpdate bool) error {
 	filesStr, err := git.GetFilesOfRepository(gist.User.Username, gist.Uuid, "HEAD")
 	if err != nil {
 		return err
 	}
 	gist.NbFiles = len(filesStr)
 	if len(filesStr) == 0 {
 		gist.Preview = ""
 		gist.PreviewFilename = ""
 	} else {
 		file, err := gist.File("HEAD", filesStr[0], true)
 		if err != nil {
 			return err
 		}
 		split := strings.Split(file.Content, "\n")
 		if len(split) > 10 {
 			gist.Preview = strings.Join(split[:10], "\n")
 		} else {
 			gist.Preview = file.Content
 		}
 		gist.PreviewFilename = file.Filename
 	}
 	if withTimestampUpdate {
 		return gist.Update()
 	}
 	return gist.UpdateNoTimestamps()
 }
 func (gist *Gist) VisibilityStr() string {
 	switch gist.Private {
 	case PublicVisibility:
 		return "public"
 	case UnlistedVisibility:
 		return "unlisted"
 	case PrivateVisibility:
 		return "private"
 	default:
 		return ""
 	}
 }
 func (gist *Gist) Identifier() string {
 	if gist.URL != "" {
 		return gist.URL
 	}
 	return gist.Uuid
 }
 func (gist *Gist) GetLanguagesFromFiles() ([]string, error) {
 	files, err := gist.Files("HEAD", true)
 	if err != nil {
 		return nil, err
 	}
 	languages := make([]string, 0, len(files))
 	for _, file := range files {
 		var lexer chroma.Lexer
 		if lexer = lexers.Get(file.Filename); lexer == nil {
 			lexer = lexers.Fallback
 		}
 		fileType := lexer.Config().Name
 		if lexer.Config().Name == "fallback" || lexer.Config().Name == "plaintext" {
 			fileType = "Text"
 		}
 		languages = append(languages, fileType)
 	}
 	return languages, nil
 }
 func (gist *Gist) GetTopics() ([]string, error) {
 	var topics []string
 	err := db.Model(&GistTopic{}).
 		Where("gist_id = ?", gist.ID).
 		Pluck("topic", &topics).Error
 	return topics, err
 }
 func (gist *Gist) TopicsSlice() []string {
 	topics := make([]string, 0, len(gist.Topics))
 	for _, topic := range gist.Topics {
 		topics = append(topics, topic.Topic)
 	}
 	return topics
 }
 func (gist *Gist) SerialiseInitRepository() error {
 	var gobBuffer bytes.Buffer
 	encoder := gob.NewEncoder(&gobBuffer)
 	if err := encoder.Encode(gist); err != nil {
 		return fmt.Errorf("gob encoding error: %v", err)
 	}
 	return git.SerialiseInitRepository(gist.User.Username, gobBuffer.Bytes())
 }
 func DeserialiseInitRepository(user string) (*Gist, error) {
 	data, err := git.DeserialiseInitRepository(user)
 	if err != nil {
 		return nil, err
 	}
 	var gist Gist
 	decoder := gob.NewDecoder(bytes.NewReader(data))
 	if err := decoder.Decode(&gist); err != nil {
 		return nil, fmt.Errorf("gob decoding error: %v", err)
 	}
 	return &gist, nil
 }
 func (gist *Gist) UpdateLanguages() {
 	languages, err := gist.GetLanguagesFromFiles()
 	if err != nil {
 		log.Error().Err(err).Msgf("Cannot get languages for gist %d", gist.ID)
 		return
 	}
 	slices.Sort(languages)
 	languages = slices.Compact(languages)
 	tx := db.Begin()
 	if tx.Error != nil {
 		log.Error().Err(tx.Error).Msgf("Cannot start transaction for gist %d", gist.ID)
 		return
 	}
 	if err := tx.Where("gist_id = ?", gist.ID).Delete(&GistLanguage{}).Error; err != nil {
 		tx.Rollback()
 		log.Error().Err(err).Msgf("Cannot delete languages for gist %d", gist.ID)
 		return
 	}
 	for _, language := range languages {
 		gistLanguage := &GistLanguage{
 			GistID:   gist.ID,
 			Language: language,
 		}
 		if err := tx.Create(gistLanguage).Error; err != nil {
 			tx.Rollback()
 			log.Error().Err(err).Msgf("Cannot create gist language %s for gist %d", language, gist.ID)
 			return
 		}
 	}
 	if err := tx.Commit().Error; err != nil {
 		tx.Rollback()
 		log.Error().Err(err).Msgf("Cannot commit transaction for gist %d", gist.ID)
 		return
 	}
 }
 func (gist *Gist) ToDTO() (*GistDTO, error) {
 	files, err := gist.Files("HEAD", false)
 	if err != nil {
 		return nil, err
 	}
 	fileDTOs := make([]FileDTO, 0, len(files))
 	for _, file := range files {
 		fileDTOs = append(fileDTOs, FileDTO{
 			Filename: file.Filename,
 			Content:  file.Content,
 		})
 	}
 	return &GistDTO{
 		Title:       gist.Title,
 		Description: gist.Description,
 		URL:         gist.URL,
 		Files:       fileDTOs,
 		VisibilityDTO: VisibilityDTO{
 			Private: gist.Private,
 		},
 		Topics: strings.Join(gist.TopicsSlice(), " "),
 	}, nil
 }
 // -- DTO -- //
 type GistDTO struct {
 	Title       string    `validate:"max=250" form:"title"`
 	Description string    `validate:"max=1000" form:"description"`
 	URL         string    `validate:"max=32,alphanumdashorempty" form:"url"`
 	Files       []FileDTO `validate:"min=1,dive"`
 	Name        []string  `form:"name"`
 	Content     []string  `form:"content"`
 	Topics      string    `validate:"gisttopics" form:"topics"`
 	VisibilityDTO
 }
 func (dto *GistDTO) HasMetadata() bool {
 	return dto.Title != "" || dto.Description != "" || dto.URL != "" || dto.Topics != ""
 }
 type VisibilityDTO struct {
 	Private Visibility `validate:"number,min=0,max=2" form:"private"`
 }
 type FileDTO struct {
 	Filename string `validate:"excludes=\x2f,excludes=\x5c,max=255"`
 	Content  string `validate:"required"`
 }
 func (dto *GistDTO) ToGist() *Gist {
 	return &Gist{
 		Title:       dto.Title,
 		Description: dto.Description,
 		Private:     dto.Private,
 		URL:         dto.URL,
 		Topics:      dto.TopicStrToSlice(),
 	}
 }
 func (dto *GistDTO) ToExistingGist(gist *Gist) *Gist {
 	gist.Title = dto.Title
 	gist.Description = dto.Description
 	gist.URL = dto.URL
 	gist.Topics = dto.TopicStrToSlice()
 	return gist
 }
 func (dto *GistDTO) TopicStrToSlice() []GistTopic {
 	topics := strings.Fields(dto.Topics)
 	gistTopics := make([]GistTopic, 0, len(topics))
 	for _, topic := range topics {
 		gistTopics = append(gistTopics, GistTopic{Topic: topic})
 	}
 	return gistTopics
 }
 // -- Index -- //
 func (gist *Gist) ToIndexedGist() (*index.Gist, error) {
 	files, err := gist.Files("HEAD", true)
 	if err != nil {
 		return nil, err
 	}
 	exts := make([]string, 0, len(files))
 	wholeContent := ""
 	for _, file := range files {
 		wholeContent += file.Content
 		if !strings.HasSuffix(wholeContent, "\n") {
 			wholeContent += "\n"
 		}
 		exts = append(exts, filepath.Ext(file.Filename))
 	}
 	fileNames, err := gist.FileNames("HEAD")
 	if err != nil {
 		return nil, err
 	}
 	langs, err := gist.GetLanguagesFromFiles()
 	if err != nil {
 		return nil, err
 	}
 	topics, err := gist.GetTopics()
 	if err != nil {
 		return nil, err
 	}
 	indexedGist := &index.Gist{
 		GistID:     gist.ID,
 		Username:   gist.User.Username,
 		Title:      gist.Title,
 		Content:    wholeContent,
 		Filenames:  fileNames,
 		Extensions: exts,
 		Languages:  langs,
 		Topics:     topics,
 		CreatedAt:  gist.CreatedAt,
 		UpdatedAt:  gist.UpdatedAt,
 	}
 	return indexedGist, nil
 }
 func (gist *Gist) AddInIndex() {
 	if !index.Enabled() {
 		return
 	}
 	go func() {
 		indexedGist, err := gist.ToIndexedGist()
 		if err != nil {
 			log.Error().Err(err).Msgf("Cannot convert gist %d to indexed gist", gist.ID)
 			return
 		}
 		err = index.AddInIndex(indexedGist)
 		if err != nil {
 			log.Error().Err(err).Msgf("Error adding gist %d to index", gist.ID)
 		}
 	}()
 }
 func (gist *Gist) RemoveFromIndex() {
 	if !index.Enabled() {
 		return
 	}
 	go func() {
 		err := index.RemoveFromIndex(gist.ID)
 		if err != nil {
 			log.Error().Err(err).Msgf("Error remove gist %d from index", gist.ID)
 		}
 	}()
 }
--- a/internal/db/gist_language.go
+++ b/internal/db/gist_language.go
@@ -0,0 +1,27 @@
 package db
 type GistLanguage struct {
 	GistID   uint   `gorm:"primaryKey"`
 	Language string `gorm:"primaryKey;size:100"`
 }
 func GetGistLanguagesForUser(fromUserId, currentUserId uint) ([]struct {
 	Language string
 	Count    int64
 }, error) {
 	var results []struct {
 		Language string
 		Count    int64
 	}
 	err := gistsFromUserStatement(fromUserId, currentUserId).Model(&GistLanguage{}).
 		Select("language, count(*) as count").
 		Joins("JOIN gists ON gists.id = gist_languages.gist_id").
 		Where("gists.user_id = ?", fromUserId).
 		Group("language").
 		Order("count DESC").
 		Limit(15). // Added limit of 15
 		Find(&results).Error
 	return results, err
 }
--- a/internal/db/gist_topic.go
+++ b/internal/db/gist_topic.go
@@ -0,0 +1,6 @@
 package db
 type GistTopic struct {
 	GistID uint   `gorm:"primaryKey"`
 	Topic  string `gorm:"primaryKey;size:50"`
 }
--- a/internal/db/invitation.go
+++ b/internal/db/invitation.go
@@ -0,0 +1,99 @@
 package db
 import (
 	"fmt"
 	"math/rand"
 	"time"
 )
 type Invitation struct {
 	ID        uint `gorm:"primaryKey"`
 	Code      string
 	ExpiresAt int64
 	NbUsed    uint
 	NbMax     uint
 }
 func GetAllInvitations() ([]*Invitation, error) {
 	var invitations []*Invitation
 	dialect := db.Dialector.Name()
 	query := db.Model(&Invitation{})
 	switch dialect {
 	case "sqlite":
 		query = query.Order("(((expires_at >= strftime('%s', 'now')) AND ((nb_max <= 0) OR (nb_used < nb_max)))) DESC")
 	case "postgres":
 		query = query.Order("(((expires_at >= EXTRACT(EPOCH FROM CURRENT_TIMESTAMP)) AND ((nb_max <= 0) OR (nb_used < nb_max)))) DESC")
 	case "mysql":
 		query = query.Order("(((expires_at >= UNIX_TIMESTAMP()) AND ((nb_max <= 0) OR (nb_used < nb_max)))) DESC")
 	default:
 		return nil, fmt.Errorf("unsupported database dialect: %s", dialect)
 	}
 	err := query.Order("id ASC").Find(&invitations).Error
 	return invitations, err
 }
 func GetInvitationByID(id uint) (*Invitation, error) {
 	invitation := new(Invitation)
 	err := db.
 		Where("id = ?", id).
 		First(&invitation).Error
 	return invitation, err
 }
 func GetInvitationByCode(code string) (*Invitation, error) {
 	invitation := new(Invitation)
 	err := db.
 		Where("code = ?", code).
 		First(&invitation).Error
 	return invitation, err
 }
 func InvitationCodeExists(code string) (bool, error) {
 	var count int64
 	err := db.Model(&Invitation{}).Where("code = ?", code).Count(&count).Error
 	return count > 0, err
 }
 func (i *Invitation) Create() error {
 	i.Code = generateRandomCode()
 	return db.Create(&i).Error
 }
 func (i *Invitation) Update() error {
 	return db.Save(&i).Error
 }
 func (i *Invitation) Delete() error {
 	return db.Delete(&i).Error
 }
 func (i *Invitation) IsExpired() bool {
 	return i.ExpiresAt < time.Now().Unix()
 }
 func (i *Invitation) IsMaxedOut() bool {
 	return i.NbMax > 0 && i.NbUsed >= i.NbMax
 }
 func (i *Invitation) IsUsable() bool {
 	return !i.IsExpired() && !i.IsMaxedOut()
 }
 func (i *Invitation) Use() error {
 	i.NbUsed++
 	return i.Update()
 }
 func generateRandomCode() string {
 	const charset = "0123456789ABCDEF"
 	var seededRand = rand.New(rand.NewSource(time.Now().UnixNano()))
 	result := make([]byte, 16)
 	for i := range result {
 		result[i] = charset[seededRand.Intn(len(charset))]
 	}
 	return string(result)
 }
--- a/internal/models/migration.go
+++ b/internal/models/migration.go
@@ -1,9 +1,8 @@
-package models
+package db
 import (
 	"fmt"
 	"github.com/rs/zerolog/log"
 	"gorm.io/gorm"
 )
 type MigrationVersion struct {
@@ -11,7 +10,19 @@ type MigrationVersion struct {
 	Version uint
 }
-func ApplyMigrations(db *gorm.DB) error {
+func applyMigrations(dbInfo *databaseInfo) error {
 	switch dbInfo.Type {
 	case SQLite:
 		return applySqliteMigrations()
 	case PostgreSQL, MySQL:
 		return nil
 	default:
 		return fmt.Errorf("unknown database type: %s", dbInfo.Type)
 	}
 }
 func applySqliteMigrations() error {
 	// Create migration table if it doesn't exist
 	if err := db.AutoMigrate(&MigrationVersion{}); err != nil {
 		log.Fatal().Err(err).Msg("Error creating migration version table")
@@ -25,7 +36,7 @@ func ApplyMigrations(db *gorm.DB) error {
 	// Define migrations
 	migrations := []struct {
 		Version uint
-		Func    func(*gorm.DB) error
+		Func    func() error
 	}{
 		{1, v1_modifyConstraintToSSHKeys},
 		{2, v2_lowercaseEmails},
@@ -41,7 +52,7 @@ func ApplyMigrations(db *gorm.DB) error {
 				return err
 			}
-			if err := m.Func(db); err != nil {
+			if err := m.Func(); err != nil {
 				log.Fatal().Err(err).Msg(fmt.Sprintf("Error applying migration %d:", m.Version))
 				tx.Rollback()
 				return err
@@ -61,7 +72,7 @@ func ApplyMigrations(db *gorm.DB) error {
 }
 // Modify the constraint on the ssh_keys table to use ON DELETE CASCADE
-func v1_modifyConstraintToSSHKeys(db *gorm.DB) error {
+func v1_modifyConstraintToSSHKeys() error {
 	createSQL := `
 	CREATE TABLE ssh_keys_temp (
 		id integer primary key,
@@ -96,7 +107,7 @@ func v1_modifyConstraintToSSHKeys(db *gorm.DB) error {
 	return db.Exec(renameSQL).Error
 }
-func v2_lowercaseEmails(db *gorm.DB) error {
+func v2_lowercaseEmails() error {
 	// Copy the lowercase emails into the new column
 	copySQL := `UPDATE users SET email = lower(email);`
 	return db.Exec(copySQL).Error
--- a/internal/models/sshkey.go
+++ b/internal/models/sshkey.go
@@ -1,4 +1,4 @@
-package models
+package db
 import (
 	"crypto/sha256"
@@ -19,7 +19,7 @@ type SSHKey struct {
 	User       User `validate:"-" `
 }
-func (sshKey *SSHKey) BeforeCreate(tx *gorm.DB) error {
+func (sshKey *SSHKey) BeforeCreate(*gorm.DB) error {
 	pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(sshKey.Content))
 	if err != nil {
 		return err
@@ -48,13 +48,12 @@ func GetSSHKeyByID(sshKeyId uint) (*SSHKey, error) {
 	return sshKey, err
 }
-func SSHKeyDoesExists(sshKeyContent string) (*SSHKey, error) {
+func SSHKeyDoesExists(sshKeyContent string) (bool, error) {
-	sshKey := new(SSHKey)
+	var count int64
-	err := db.
+	err := db.Model(&SSHKey{}).
-		Where("content like ?", sshKeyContent+"%").
+		Where("content = ?", sshKeyContent).
-		First(&sshKey).Error
+		Count(&count).Error
-
+	return count > 0, err
 	return sshKey, err
 }
 func (sshKey *SSHKey) Create() error {
--- a/internal/db/totp.go
+++ b/internal/db/totp.go
@@ -0,0 +1,123 @@
 package db
 import (
 	"crypto/rand"
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"github.com/thomiceli/opengist/internal/auth"
 	"github.com/thomiceli/opengist/internal/auth/password"
 	ogtotp "github.com/thomiceli/opengist/internal/auth/totp"
 	"github.com/thomiceli/opengist/internal/config"
 	"slices"
 )
 type TOTP struct {
 	ID            uint `gorm:"primaryKey"`
 	UserID        uint `gorm:"uniqueIndex"`
 	User          User
 	Secret        string
 	RecoveryCodes jsonData `gorm:"type:json"`
 	CreatedAt     int64
 	LastUsedAt    int64
 }
 func GetTOTPByUserID(userID uint) (*TOTP, error) {
 	var totp TOTP
 	err := db.Where("user_id = ?", userID).First(&totp).Error
 	return &totp, err
 }
 func (totp *TOTP) StoreSecret(secret string) error {
 	secretBytes := []byte(secret)
 	encrypted, err := auth.AESEncrypt(config.SecretKey, secretBytes)
 	if err != nil {
 		return err
 	}
 	totp.Secret = base64.URLEncoding.EncodeToString(encrypted)
 	return nil
 }
 func (totp *TOTP) ValidateCode(code string) (bool, error) {
 	ciphertext, err := base64.URLEncoding.DecodeString(totp.Secret)
 	if err != nil {
 		return false, err
 	}
 	secretBytes, err := auth.AESDecrypt(config.SecretKey, ciphertext)
 	if err != nil {
 		return false, err
 	}
 	return ogtotp.Validate(code, string(secretBytes)), nil
 }
 func (totp *TOTP) ValidateRecoveryCode(code string) (bool, error) {
 	var hashedCodes []string
 	if err := json.Unmarshal(totp.RecoveryCodes, &hashedCodes); err != nil {
 		return false, err
 	}
 	for i, hashedCode := range hashedCodes {
 		ok, err := password.VerifyPassword(code, hashedCode)
 		if err != nil {
 			return false, err
 		}
 		if ok {
 			codesJson, _ := json.Marshal(slices.Delete(hashedCodes, i, i+1))
 			totp.RecoveryCodes = codesJson
 			return true, db.Model(&totp).Updates(TOTP{RecoveryCodes: codesJson}).Error
 		}
 	}
 	return false, nil
 }
 func (totp *TOTP) GenerateRecoveryCodes() ([]string, error) {
 	codes, plainCodes, err := generateRandomCodes()
 	if err != nil {
 		return nil, err
 	}
 	codesJson, _ := json.Marshal(codes)
 	totp.RecoveryCodes = codesJson
 	return plainCodes, db.Model(&totp).Updates(TOTP{RecoveryCodes: codesJson}).Error
 }
 func (totp *TOTP) Create() error {
 	return db.Create(&totp).Error
 }
 func (totp *TOTP) Delete() error {
 	return db.Delete(&totp).Error
 }
 func generateRandomCodes() ([]string, []string, error) {
 	const count = 5
 	const length = 10
 	codes := make([]string, count)
 	plainCodes := make([]string, count)
 	for i := 0; i < count; i++ {
 		bytes := make([]byte, (length+1)/2)
 		if _, err := rand.Read(bytes); err != nil {
 			return nil, nil, err
 		}
 		hexCode := hex.EncodeToString(bytes)
 		code := fmt.Sprintf("%s-%s", hexCode[:length/2], hexCode[length/2:])
 		plainCodes[i] = code
 		hashed, err := password.HashPassword(code)
 		if err != nil {
 			return nil, nil, err
 		}
 		codes[i] = hashed
 	}
 	return codes, plainCodes, nil
 }
 // -- DTO -- //
 type TOTPDTO struct {
 	Code string `form:"code" validate:"max=50"`
 }
--- a/internal/db/types.go
+++ b/internal/db/types.go
@@ -0,0 +1,77 @@
 package db
 import (
 	"database/sql/driver"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"gorm.io/gorm"
 	"gorm.io/gorm/schema"
 )
 type binaryData []byte
 func (b *binaryData) Value() (driver.Value, error) {
 	return []byte(*b), nil
 }
 func (b *binaryData) Scan(value interface{}) error {
 	valBytes, ok := value.([]byte)
 	if !ok {
 		return fmt.Errorf("failed to unmarshal BinaryData: %v", value)
 	}
 	*b = valBytes
 	return nil
 }
 func (*binaryData) GormDataType() string {
 	return "binary_data"
 }
 func (*binaryData) GormDBDataType(db *gorm.DB, _ *schema.Field) string {
 	switch db.Dialector.Name() {
 	case "sqlite":
 		return "BLOB"
 	case "mysql":
 		return "VARBINARY(1024)"
 	case "postgres":
 		return "BYTEA"
 	default:
 		return "BLOB"
 	}
 }
 type jsonData json.RawMessage
 func (j *jsonData) Scan(value interface{}) error {
 	bytes, ok := value.([]byte)
 	if !ok {
 		return errors.New(fmt.Sprint("Failed to unmarshal JSONB value:", value))
 	}
 	result := json.RawMessage{}
 	err := json.Unmarshal(bytes, &result)
 	*j = jsonData(result)
 	return err
 }
 func (j *jsonData) Value() (driver.Value, error) {
 	if len(*j) == 0 {
 		return nil, nil
 	}
 	return json.RawMessage(*j).MarshalJSON()
 }
 func (*jsonData) GormDataType() string {
 	return "json"
 }
 func (*jsonData) GormDBDataType(db *gorm.DB, _ *schema.Field) string {
 	switch db.Dialector.Name() {
 	case "mysql", "sqlite":
 		return "JSON"
 	case "postgres":
 		return "JSONB"
 	}
 	return ""
 }
--- a/internal/models/user.go
+++ b/internal/models/user.go
@@ -1,12 +1,13 @@
-package models
+package db
 import (
 	"github.com/thomiceli/opengist/internal/git"
 	"gorm.io/gorm"
 )
 type User struct {
 	ID        uint   `gorm:"primaryKey"`
-	Username  string `gorm:"uniqueIndex"`
+	Username  string `gorm:"uniqueIndex,size:191"`
 	Password  string
 	IsAdmin   bool
 	CreatedAt int64
@@ -14,39 +15,72 @@ type User struct {
 	MD5Hash   string // for gravatar, if no Email is specified, the value is random
 	AvatarURL string
 	GithubID  string
 	GitlabID  string
 	GiteaID   string
 	OIDCID    string `gorm:"column:oidc_id"`
-	Gists   []Gist   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
+	Gists               []Gist               `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
-	SSHKeys []SSHKey `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
+	SSHKeys             []SSHKey             `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
-	Liked   []Gist   `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
+	Liked               []Gist               `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
 	WebAuthnCredentials []WebAuthnCredential `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
 }
 func (user *User) BeforeDelete(tx *gorm.DB) error {
-	// Decrement likes counter for all gists liked by this user
+	// Decrement likes counter using derived table
-	// The likes will be automatically deleted by the foreign key constraint
+	err := tx.Exec(`
-	err := tx.Model(&Gist{}).
+		UPDATE gists 
-		Omit("updated_at").
+		SET nb_likes = nb_likes - 1
-		Where("id IN (?)", tx.
+		WHERE id IN (
-			Select("gist_id").
+			SELECT gist_id 
-			Table("likes").
+			FROM (
-			Where("user_id = ?", user.ID),
+				SELECT gist_id 
-		).
+				FROM likes 
-		UpdateColumn("nb_likes", gorm.Expr("nb_likes - 1")).
+				WHERE user_id = ?
-		Error
+			) AS derived_likes
 		)
 	`, user.ID).Error
 	if err != nil {
 		return err
 	}
-	// Decrement forks counter for all gists forked by this user
+	// Decrement forks counter using derived table
-	return tx.Model(&Gist{}).
+	err = tx.Exec(`
-		Omit("updated_at").
+		UPDATE gists 
-		Where("id IN (?)", tx.
+		SET nb_forks = nb_forks - 1
-			Select("forked_id").
+		WHERE id IN (
-			Table("gists").
+			SELECT forked_id 
-			Where("user_id = ?", user.ID),
+			FROM (
-		).
+				SELECT forked_id 
-		UpdateColumn("nb_forks", gorm.Expr("nb_forks - 1")).
+				FROM gists 
-		Error
+				WHERE user_id = ? AND forked_id IS NOT NULL
 			) AS derived_forks
 		)
 	`, user.ID).Error
 	if err != nil {
 		return err
 	}
 	err = tx.Where("user_id = ?", user.ID).Delete(&SSHKey{}).Error
 	if err != nil {
 		return err
 	}
 	err = tx.Where("user_id = ?", user.ID).Delete(&WebAuthnCredential{}).Error
 	if err != nil {
 		return err
 	}
 	err = tx.Where("user_id = ?", user.ID).Delete(&Gist{}).Error
 	if err != nil {
 		return err
 	}
 	// Delete user directory
 	if err = git.DeleteUserDirectory(user.Username); err != nil {
 		return err
 	}
 	return nil
 }
 func UserExists(username string) (bool, error) {
@@ -93,7 +127,6 @@ func GetUsersFromEmails(emailsSet map[string]struct{}) (map[string]*User, error)
 	err := db.
 		Where("email IN ?", emails).
 		Find(&users).Error
 	if err != nil {
 		return nil, err
 	}
@@ -106,6 +139,15 @@ func GetUsersFromEmails(emailsSet map[string]struct{}) (map[string]*User, error)
 	return userMap, nil
 }
 func GetUserFromSSHKey(sshKey string) (*User, error) {
 	user := new(User)
 	err := db.
 		Joins("JOIN ssh_keys ON users.id = ssh_keys.user_id").
 		Where("ssh_keys.content = ?", sshKey).
 		First(&user).Error
 	return user, err
 }
 func SSHKeyExistsForUser(sshKey string, userId uint) (*SSHKey, error) {
 	key := new(SSHKey)
 	err := db.
@@ -122,8 +164,12 @@ func GetUserByProvider(id string, provider string) (*User, error) {
 	switch provider {
 	case "github":
 		err = db.Where("github_id = ?", id).First(&user).Error
 	case "gitlab":
 		err = db.Where("gitlab_id = ?", id).First(&user).Error
 	case "gitea":
 		err = db.Where("gitea_id = ?", id).First(&user).Error
 	case "openid-connect":
 		err = db.Where("oidc_id = ?", id).First(&user).Error
 	}
 	return user, err
@@ -158,15 +204,16 @@ func (user *User) HasLiked(gist *Gist) (bool, error) {
 }
 func (user *User) DeleteProviderID(provider string) error {
-	switch provider {
+	providerIDFields := map[string]string{
-	case "github":
+		"github":         "github_id",
 		"gitlab":         "gitlab_id",
 		"gitea":          "gitea_id",
 		"openid-connect": "oidc_id",
 	}
 	if providerIDField, ok := providerIDFields[provider]; ok {
 		return db.Model(&user).
-			Update("github_id", nil).
+			Update(providerIDField, nil).
 			Update("avatar_url", nil).
 			Error
 	case "gitea":
 		return db.Model(&user).
 			Update("gitea_id", nil).
 			Update("avatar_url", nil).
 			Error
 	}
@@ -174,10 +221,23 @@ func (user *User) DeleteProviderID(provider string) error {
 	return nil
 }
 func (user *User) HasMFA() (bool, bool, error) {
 	var webauthn bool
 	var totp bool
 	err := db.Model(&WebAuthnCredential{}).Select("count(*) > 0").Where("user_id = ?", user.ID).Find(&webauthn).Error
 	if err != nil {
 		return false, false, err
 	}
 	err = db.Model(&TOTP{}).Select("count(*) > 0").Where("user_id = ?", user.ID).Find(&totp).Error
 	return webauthn, totp, err
 }
 // -- DTO -- //
 type UserDTO struct {
-	Username string `form:"username" validate:"required,max=24,alphanum,notreserved"`
+	Username string `form:"username" validate:"required,max=24,alphanumdash,notreserved"`
 	Password string `form:"password" validate:"required"`
 }
@@ -187,3 +247,7 @@ func (dto *UserDTO) ToUser() *User {
 		Password: dto.Password,
 	}
 }
 type UserUsernameDTO struct {
 	Username string `form:"username" validate:"required,max=24,alphanumdash,notreserved"`
 }
--- a/internal/db/webauth_credential.go
+++ b/internal/db/webauth_credential.go
@@ -0,0 +1,147 @@
 package db
 import (
 	"encoding/hex"
 	"github.com/go-webauthn/webauthn/webauthn"
 	"time"
 )
 type WebAuthnCredential struct {
 	ID                 uint `gorm:"primaryKey"`
 	Name               string
 	UserID             uint
 	User               User
 	CredentialID       binaryData `gorm:"type:binary_data"`
 	PublicKey          binaryData `gorm:"type:binary_data"`
 	AttestationType    string
 	AAGUID             binaryData `gorm:"type:binary_data"`
 	SignCount          uint32
 	CloneWarning       bool
 	FlagUserPresent    bool
 	FlagUserVerified   bool
 	FlagBackupEligible bool
 	FlagBackupState    bool
 	CreatedAt          int64
 	LastUsedAt         int64
 }
 func (*WebAuthnCredential) TableName() string {
 	return "webauthn"
 }
 func GetAllWACredentialsForUser(userID uint) ([]webauthn.Credential, error) {
 	var creds []WebAuthnCredential
 	err := db.Where("user_id = ?", userID).Find(&creds).Error
 	if err != nil {
 		return nil, err
 	}
 	webCreds := make([]webauthn.Credential, len(creds))
 	for i, cred := range creds {
 		webCreds[i] = webauthn.Credential{
 			ID:              cred.CredentialID,
 			PublicKey:       cred.PublicKey,
 			AttestationType: cred.AttestationType,
 			Authenticator: webauthn.Authenticator{
 				AAGUID:       cred.AAGUID,
 				SignCount:    cred.SignCount,
 				CloneWarning: cred.CloneWarning,
 			},
 			Flags: webauthn.CredentialFlags{
 				UserPresent:    cred.FlagUserPresent,
 				UserVerified:   cred.FlagUserVerified,
 				BackupEligible: cred.FlagBackupEligible,
 				BackupState:    cred.FlagBackupState,
 			},
 		}
 	}
 	return webCreds, nil
 }
 func GetAllCredentialsForUser(userID uint) ([]WebAuthnCredential, error) {
 	var creds []WebAuthnCredential
 	err := db.Where("user_id = ?", userID).Find(&creds).Error
 	return creds, err
 }
 func GetUserByCredentialID(credID binaryData) (*User, error) {
 	var credential WebAuthnCredential
 	var err error
 	switch db.Dialector.Name() {
 	case "postgres":
 		hexCredID := hex.EncodeToString(credID)
 		if err = db.Preload("User").Where("credential_id = decode(?, 'hex')", hexCredID).First(&credential).Error; err != nil {
 			return nil, err
 		}
 	case "mysql", "sqlite":
 		hexCredID := hex.EncodeToString(credID)
 		if err = db.Preload("User").Where("credential_id = unhex(?)", hexCredID).First(&credential).Error; err != nil {
 			return nil, err
 		}
 	}
 	return &credential.User, err
 }
 func GetCredentialByIDDB(id uint) (*WebAuthnCredential, error) {
 	var cred WebAuthnCredential
 	err := db.Where("id = ?", id).First(&cred).Error
 	return &cred, err
 }
 func GetCredentialByID(id binaryData) (*WebAuthnCredential, error) {
 	var cred WebAuthnCredential
 	var err error
 	switch db.Dialector.Name() {
 	case "postgres":
 		hexCredID := hex.EncodeToString(id)
 		if err = db.Where("credential_id = decode(?, 'hex')", hexCredID).First(&cred).Error; err != nil {
 			return nil, err
 		}
 	case "mysql", "sqlite":
 		hexCredID := hex.EncodeToString(id)
 		if err = db.Where("credential_id = unhex(?)", hexCredID).First(&cred).Error; err != nil {
 			return nil, err
 		}
 	}
 	return &cred, err
 }
 func CreateFromCrendential(userID uint, name string, cred *webauthn.Credential) (*WebAuthnCredential, error) {
 	credDb := &WebAuthnCredential{
 		UserID:             userID,
 		Name:               name,
 		CredentialID:       cred.ID,
 		PublicKey:          cred.PublicKey,
 		AttestationType:    cred.AttestationType,
 		AAGUID:             cred.Authenticator.AAGUID,
 		SignCount:          cred.Authenticator.SignCount,
 		CloneWarning:       cred.Authenticator.CloneWarning,
 		FlagUserPresent:    cred.Flags.UserPresent,
 		FlagUserVerified:   cred.Flags.UserVerified,
 		FlagBackupEligible: cred.Flags.BackupEligible,
 		FlagBackupState:    cred.Flags.BackupState,
 	}
 	err := db.Create(credDb).Error
 	return credDb, err
 }
 func (w *WebAuthnCredential) UpdateSignCount() error {
 	return db.Model(w).Update("sign_count", w.SignCount).Error
 }
 func (w *WebAuthnCredential) UpdateLastUsedAt() error {
 	return db.Model(w).Update("last_used_at", time.Now().Unix()).Error
 }
 func (w *WebAuthnCredential) Delete() error {
 	return db.Delete(w).Error
 }
 // -- DTO -- //
 type CrendentialDTO struct {
 	PasskeyName string `json:"passkeyname" validate:"max=50"`
 }
--- a/internal/git/commands.go
+++ b/internal/git/commands.go
@@ -1,18 +1,63 @@
 package git
 import (
 	"bufio"
 	"bytes"
 	"context"
 	"encoding/base64"
 	"fmt"
-	"github.com/thomiceli/opengist/internal/config"
+	"io"
 	"net/url"
 	"os"
 	"os/exec"
 	"path"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"time"
 	"github.com/labstack/echo/v4"
 	"github.com/rs/zerolog/log"
 	"github.com/thomiceli/opengist/internal/config"
 )
 var (
 	ReposDirectory = "repos"
 )
 const truncateLimit = 2 << 18
 const diffSize = 2 << 12
 const maxFilesPerDiffCommit = 10
 type RevisionNotFoundError struct{}
 func (m *RevisionNotFoundError) Error() string {
 	return "revision not found"
 }
 func RepositoryPath(user string, gist string) string {
-	return filepath.Join(config.GetHomeDir(), "repos", strings.ToLower(user), gist)
+	return filepath.Join(config.GetHomeDir(), ReposDirectory, strings.ToLower(user), gist)
 }
 func UserRepositoriesPath(user string) string {
 	return filepath.Join(config.GetHomeDir(), ReposDirectory, strings.ToLower(user))
 }
 func RepositoryUrl(ctx echo.Context, user string, gist string) string {
 	httpProtocol := "http"
 	if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
 		httpProtocol = "https"
 	}
 	var baseHttpUrl string
 	// if a custom external url is set, use it
 	if config.C.ExternalUrl != "" {
 		baseHttpUrl = config.C.ExternalUrl
 	} else {
 		baseHttpUrl = httpProtocol + "://" + ctx.Request().Host
 	}
 	return fmt.Sprintf("%s/%s/%s", baseHttpUrl, user, gist)
 }
 func TmpRepositoryPath(gistId string) string {
@@ -27,22 +72,23 @@ func TmpRepositoriesPath() string {
 func InitRepository(user string, gist string) error {
 	repositoryPath := RepositoryPath(user, gist)
-	cmd := exec.Command(
+	var args []string
-		"git",
+	args = append(args, "init")
-		"init",
+	if config.C.GitDefaultBranch != "" {
-		"--bare",
+		args = append(args, "--initial-branch", config.C.GitDefaultBranch)
-		repositoryPath,
+	}
-	)
+	args = append(args, "--bare", repositoryPath)
-	err := cmd.Run()
+	cmd := exec.Command("git", args...)
-	if err != nil {
+
 	if err := cmd.Run(); err != nil {
 		return err
 	}
-	return copyFiles(repositoryPath)
+	return CreateDotGitFiles(user, gist)
 }
-func GetNumberOfCommitsOfRepository(user string, gist string) (string, error) {
+func CountCommits(user string, gist string) (string, error) {
 	repositoryPath := RepositoryPath(user, gist)
 	cmd := exec.Command(
@@ -75,33 +121,177 @@ func GetFilesOfRepository(user string, gist string, revision string) ([]string,
 	}
 	slice := strings.Split(string(stdout), "\n")
 	for i, s := range slice {
 		slice[i] = convertOctalToUTF8(s)
 	}
 	return slice[:len(slice)-1], nil
 }
 type catFileBatch struct {
 	Name, Hash, Content string
 	Size                uint64
 	Truncated           bool
 }
 func CatFileBatch(user string, gist string, revision string, truncate bool) ([]*catFileBatch, error) {
 	repositoryPath := RepositoryPath(user, gist)
 	lsTreeCmd := exec.Command("git", "ls-tree", "-l", revision)
 	lsTreeCmd.Dir = repositoryPath
 	lsTreeOutput, err := lsTreeCmd.Output()
 	if err != nil {
 		return nil, err
 	}
 	fileMap := make([]*catFileBatch, 0)
 	lines := strings.Split(string(lsTreeOutput), "\n")
 	for _, line := range lines {
 		fields := strings.Fields(line)
 		if len(fields) < 4 {
 			continue // Skip lines that don't have enough fields
 		}
 		hash := fields[2]
 		size, err := strconv.ParseUint(fields[3], 10, 64)
 		if err != nil {
 			continue // Skip lines with invalid size field
 		}
 		name := strings.Join(fields[4:], " ") // File name may contain spaces
 		fileMap = append(fileMap, &catFileBatch{
 			Hash: hash,
 			Size: size,
 			Name: convertOctalToUTF8(name),
 		})
 	}
 	catFileCmd := exec.Command("git", "cat-file", "--batch")
 	catFileCmd.Dir = repositoryPath
 	stdin, err := catFileCmd.StdinPipe()
 	if err != nil {
 		return nil, err
 	}
 	stdout, err := catFileCmd.StdoutPipe()
 	if err != nil {
 		return nil, err
 	}
 	if err = catFileCmd.Start(); err != nil {
 		return nil, err
 	}
 	reader := bufio.NewReader(stdout)
 	for _, file := range fileMap {
 		_, err = stdin.Write([]byte(file.Hash + "\n"))
 		if err != nil {
 			return nil, err
 		}
 		header, err := reader.ReadString('\n')
 		if err != nil {
 			return nil, err
 		}
 		parts := strings.Fields(header)
 		if len(parts) > 3 {
 			continue // Not a valid header, skip this entry
 		}
 		size, err := strconv.ParseUint(parts[2], 10, 64)
 		if err != nil {
 			return nil, err
 		}
 		sizeToRead := size
 		if truncate && sizeToRead > truncateLimit {
 			sizeToRead = truncateLimit
 		}
 		// Read exactly size bytes from header, or the max allowed if truncated
 		content := make([]byte, sizeToRead)
 		if _, err = io.ReadFull(reader, content); err != nil {
 			return nil, err
 		}
 		file.Content = string(content)
 		if truncate && size > truncateLimit {
 			// skip other bytes if truncated
 			if _, err = reader.Discard(int(size - truncateLimit)); err != nil {
 				return nil, err
 			}
 			file.Truncated = true
 		}
 		// Read the blank line following the content
 		if _, err := reader.ReadByte(); err != nil {
 			return nil, err
 		}
 	}
 	if err = stdin.Close(); err != nil {
 		return nil, err
 	}
 	if err = catFileCmd.Wait(); err != nil {
 		return nil, err
 	}
 	return fileMap, nil
 }
 func GetFileContent(user string, gist string, revision string, filename string, truncate bool) (string, bool, error) {
 	repositoryPath := RepositoryPath(user, gist)
 	var maxBytes int64 = -1
 	if truncate {
-		maxBytes = 2 << 18
+		maxBytes = truncateLimit
 	}
-	cmd := exec.Command(
+	// Set up a context with a timeout
 	ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute)
 	defer cancel()
 	cmd := exec.CommandContext(
 		ctx,
 		"git",
 		"--no-pager",
 		"show",
-		revision+":"+filename,
+		revision+":"+convertURLToOctal(filename),
 	)
 	cmd.Dir = repositoryPath
-	stdout, _ := cmd.StdoutPipe()
+	output, err := cmd.Output()
 	err := cmd.Start()
 	if err != nil {
 		return "", false, err
 	}
 	defer cmd.Wait()
-	return truncateCommandOutput(stdout, maxBytes)
+	content, truncated, err := truncateCommandOutput(bytes.NewReader(output), maxBytes)
 	if err != nil {
 		return "", false, err
 	}
 	return content, truncated, nil
 }
 func GetFileSize(user string, gist string, revision string, filename string) (uint64, error) {
 	repositoryPath := RepositoryPath(user, gist)
 	cmd := exec.Command(
 		"git",
 		"cat-file",
 		"-s",
 		revision+":"+convertURLToOctal(filename),
 	)
 	cmd.Dir = repositoryPath
 	stdout, err := cmd.Output()
 	if err != nil {
 		return 0, err
 	}
 	return strconv.ParseUint(strings.TrimSuffix(string(stdout), "\n"), 10, 64)
 }
 func GetLog(user string, gist string, skip int) ([]*Commit, error) {
@@ -127,12 +317,17 @@ func GetLog(user string, gist string, skip int) ([]*Commit, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer cmd.Wait()
+	defer func(cmd *exec.Cmd) {
 		waitErr := cmd.Wait()
 		if waitErr != nil {
 			err = waitErr
 		}
 	}(cmd)
-	return parseLog(stdout, 2<<18), nil
+	return parseLog(stdout, maxFilesPerDiffCommit, diffSize)
 }
-func CloneTmp(user string, gist string, gistTmpId string, email string) error {
+func CloneTmp(user string, gist string, gistTmpId string, email string, remove bool) error {
 	repositoryPath := RepositoryPath(user, gist)
 	tmpPath := TmpRepositoriesPath()
@@ -150,13 +345,13 @@ func CloneTmp(user string, gist string, gistTmpId string, email string) error {
 		return err
 	}
-	// remove every file (and not the .git directory!)
+	// remove every file (keep the .git directory)
-	cmd = exec.Command("find", ".", "-maxdepth", "1", "-type", "f", "-delete")
+	// useful when user wants to edit multiple files from an existing gist
-	cmd.Dir = tmpRepositoryPath
+	if remove {
-	if err = cmd.Run(); err != nil {
+		if err = removeFilesExceptGit(tmpRepositoryPath); err != nil {
-		return err
+			return err
 		}
 	}
 	cmd = exec.Command("git", "config", "--local", "user.name", user)
 	cmd.Dir = tmpRepositoryPath
 	if err = cmd.Run(); err != nil {
@@ -177,7 +372,7 @@ func ForkClone(userSrc string, gistSrc string, userDst string, gistDst string) e
 		return err
 	}
-	return copyFiles(repositoryPathDst)
+	return CreateDotGitFiles(userDst, gistDst)
 }
 func SetFileContent(gistTmpId string, filename string, content string) error {
@@ -230,7 +425,6 @@ func Push(gistTmpId string) error {
 	if err != nil {
 		return err
 	}
 	return os.RemoveAll(tmpRepositoryPath)
 }
@@ -255,6 +449,83 @@ func RPC(user string, gist string, service string) ([]byte, error) {
 	return stdout, err
 }
 func GcRepos() error {
 	subdirs, err := os.ReadDir(filepath.Join(config.GetHomeDir(), ReposDirectory))
 	if err != nil {
 		return err
 	}
 	for _, subdir := range subdirs {
 		if !subdir.IsDir() {
 			continue
 		}
 		subRoot := filepath.Join(config.GetHomeDir(), ReposDirectory, subdir.Name())
 		gitRepos, err := os.ReadDir(subRoot)
 		if err != nil {
 			log.Warn().Err(err).Msg("Cannot read directory")
 			continue
 		}
 		for _, repo := range gitRepos {
 			if !repo.IsDir() {
 				continue
 			}
 			repoPath := filepath.Join(subRoot, repo.Name())
 			log.Info().Msg("Running git gc for repository " + repoPath)
 			cmd := exec.Command("git", "gc")
 			cmd.Dir = repoPath
 			err = cmd.Run()
 			if err != nil {
 				log.Warn().Err(err).Msg("Cannot run git gc for repository " + repoPath)
 				continue
 			}
 		}
 	}
 	return err
 }
 func ResetHooks() error {
 	entries, err := filepath.Glob(filepath.Join(config.GetHomeDir(), ReposDirectory, "*", "*"))
 	if err != nil {
 		return err
 	}
 	for _, e := range entries {
 		repoPath := strings.Split(e, string(os.PathSeparator))
 		if err := CreateDotGitFiles(repoPath[len(repoPath)-2], repoPath[len(repoPath)-1]); err != nil {
 			log.Error().Err(err).Msgf("Cannot reset hooks for repository %s/%s", repoPath[len(repoPath)-2], repoPath[len(repoPath)-1])
 		}
 	}
 	return nil
 }
 func HasNoCommits(user string, gist string) (bool, error) {
 	repositoryPath := RepositoryPath(user, gist)
 	cmd := exec.Command("git", "rev-parse", "--all")
 	cmd.Dir = repositoryPath
 	var out bytes.Buffer
 	cmd.Stdout = &out
 	if err := cmd.Run(); err != nil {
 		return false, err
 	}
 	if out.String() == "" {
 		return true, nil // No commits exist
 	}
 	return false, nil // Commits exist
 }
 func GetGitVersion() (string, error) {
 	cmd := exec.Command("git", "--version")
 	stdout, err := cmd.Output()
@@ -270,19 +541,81 @@ func GetGitVersion() (string, error) {
 	return versionFields[2], nil
 }
-func copyFiles(repositoryPath string) error {
+func CreateDotGitFiles(user string, gist string) error {
 	repositoryPath := RepositoryPath(user, gist)
 	f1, err := os.OpenFile(filepath.Join(repositoryPath, "git-daemon-export-ok"), os.O_RDONLY|os.O_CREATE, 0644)
 	if err != nil {
 		return err
 	}
 	defer f1.Close()
-	preReceiveDst, err := os.OpenFile(filepath.Join(repositoryPath, "hooks", "pre-receive"), os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0744)
+	if os.Getenv("OPENGIST_SKIP_GIT_HOOKS") != "1" {
 		for _, hook := range []string{"pre-receive", "post-receive"} {
 			if err = createDotGitHookFile(repositoryPath, hook, fmt.Sprintf(hookTemplate, hook)); err != nil {
 				return err
 			}
 		}
 	}
 	return nil
 }
 func DeleteUserDirectory(user string) error {
 	return os.RemoveAll(filepath.Join(config.GetHomeDir(), ReposDirectory, user))
 }
 func SerialiseInitRepository(user string, serialized []byte) error {
 	userRepositoryPath := UserRepositoriesPath(user)
 	initPath := filepath.Join(userRepositoryPath, "_init")
 	f, err := os.OpenFile(initPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 	if err != nil {
 		return err
 	}
 	defer f.Close()
 	encodedData := base64.StdEncoding.EncodeToString(serialized)
 	_, err = f.Write(append([]byte(encodedData), '\n'))
 	return err
 }
 func DeserialiseInitRepository(user string) ([]byte, error) {
 	initPath := filepath.Join(UserRepositoriesPath(user), "_init")
 	content, err := os.ReadFile(initPath)
 	if err != nil {
 		return nil, err
 	}
 	idx := bytes.Index(content, []byte{'\n'})
 	if idx == -1 {
 		return base64.StdEncoding.DecodeString(string(content))
 	}
 	firstLine := content[:idx]
 	remaining := content[idx+1:]
 	if len(remaining) == 0 {
 		if err := os.Remove(initPath); err != nil {
 			return nil, fmt.Errorf("failed to remove file: %v", err)
 		}
 	} else {
 		if err := os.WriteFile(initPath, remaining, 0644); err != nil {
 			return nil, fmt.Errorf("failed to write remaining content: %v", err)
 		}
 	}
 	return base64.StdEncoding.DecodeString(string(firstLine))
 }
 func createDotGitHookFile(repositoryPath string, hook string, content string) error {
 	preReceiveDst, err := os.OpenFile(filepath.Join(repositoryPath, "hooks", hook), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0744)
 	if err != nil {
 		return err
 	}
-	if _, err = preReceiveDst.WriteString(preReceive); err != nil {
+	if _, err = preReceiveDst.WriteString(content); err != nil {
 		return err
 	}
 	defer preReceiveDst.Close()
@@ -290,29 +623,63 @@ func copyFiles(repositoryPath string) error {
 	return nil
 }
-const preReceive = `#!/bin/sh
+func removeFilesExceptGit(dir string) error {
 	return filepath.WalkDir(dir, func(path string, d os.DirEntry, err error) error {
 		if err != nil {
 			return err
 		}
 		if d.IsDir() && filepath.Base(path) == ".git" {
 			return filepath.SkipDir
 		}
 		if !d.IsDir() {
 			return os.Remove(path)
 		}
 		return nil
 	})
 }
-disallowed_files=""
+func convertOctalToUTF8(name string) string {
 	name = strings.Trim(name, `"`)
 	utf8Name, err := strconv.Unquote(name)
 	if err != nil {
 		utf8Name, err = strconv.Unquote(`"` + name + `"`)
 		if err != nil {
 			return name
 		}
 	}
 	return utf8Name
 }
-while read -r old_rev new_rev ref
+func convertUTF8ToOctal(name string) string {
-do
+	if strings.Contains(name, "\\") {
-  while IFS= read -r file
+		return name
-  do
+	}
    case $file in
      */*)
        disallowed_files="${disallowed_files}${file} "
        ;;
    esac
  done <<EOF
 $(git diff --name-only "$old_rev" "$new_rev")
 EOF
 done
-if [ -n "$disallowed_files" ]; then
+	needsQuoting := false
-  echo "Pushing files in folders is not allowed:"
+	for _, r := range name {
-  for file in $disallowed_files; do
+		if r > 127 {
-    echo "  $file"
+			needsQuoting = true
-  done
+			break
-  exit 1
+		}
-fi
+	}
 	if !needsQuoting {
 		return name
 	}
 	quoted := fmt.Sprintf("%q", name)
 	return strings.Trim(quoted, `"`)
 }
 func convertURLToOctal(name string) string {
 	decoded, err := url.QueryUnescape(name)
 	if err != nil {
 		return name
 	}
 	return convertUTF8ToOctal(decoded)
 }
 const hookTemplate = `#!/bin/sh
 "$OG_OPENGIST_HOME_INTERNAL/symlinks/opengist" --config=$OG_OPENGIST_HOME_INTERNAL/symlinks/config.yml hook %s
 `
--- a/internal/git/commands_test.go
+++ b/internal/git/commands_test.go
@@ -0,0 +1,249 @@
 package git
 import (
 	"github.com/stretchr/testify/require"
 	"github.com/thomiceli/opengist/internal/config"
 	"os"
 	"os/exec"
 	"path"
 	"strings"
 	"testing"
 )
 func TestInitDeleteRepository(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	cmd := exec.Command("git", "rev-parse", "--is-bare-repository")
 	cmd.Dir = RepositoryPath("thomas", "gist1")
 	out, err := cmd.Output()
 	require.NoError(t, err, "Could not run git command")
 	require.Equal(t, "true", strings.TrimSpace(string(out)), "Repository is not bare")
 	_, err = os.Stat(path.Join(RepositoryPath("thomas", "gist1"), "git-daemon-export-ok"))
 	require.NoError(t, err, "git-daemon-export-ok file not found")
 	err = DeleteRepository("thomas", "gist1")
 	require.NoError(t, err, "Could not delete repository")
 	require.NoDirExists(t, RepositoryPath("thomas", "gist1"), "Repository should not exist")
 }
 func TestCommits(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	hasNoCommits, err := HasNoCommits("thomas", "gist1")
 	require.NoError(t, err, "Could not check if repository has no commits")
 	require.True(t, hasNoCommits, "Repository should have no commits")
 	CommitToBare(t, "thomas", "gist1", nil)
 	hasNoCommits, err = HasNoCommits("thomas", "gist1")
 	require.NoError(t, err, "Could not check if repository has no commits")
 	require.False(t, hasNoCommits, "Repository should have commits")
 	nbCommits, err := CountCommits("thomas", "gist1")
 	require.NoError(t, err, "Could not count commits")
 	require.Equal(t, "1", nbCommits, "Repository should have 1 commit")
 	CommitToBare(t, "thomas", "gist1", nil)
 	nbCommits, err = CountCommits("thomas", "gist1")
 	require.NoError(t, err, "Could not count commits")
 	require.Equal(t, "2", nbCommits, "Repository should have 2 commits")
 }
 func TestContent(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt": "I love Opengist\n",
 		"my_other_file.txt": `I really
 hate Opengist`,
 		"rip.txt": "byebye",
 		"中文名.txt": "中文内容",
 	})
 	files, err := GetFilesOfRepository("thomas", "gist1", "HEAD")
 	require.NoError(t, err, "Could not get files of repository")
 	require.Subset(t, []string{"my_file.txt", "my_other_file.txt", "rip.txt", "中文名.txt"}, files, "Files are not correct")
 	content, truncated, err := GetFileContent("thomas", "gist1", "HEAD", "my_file.txt", false)
 	require.NoError(t, err, "Could not get content")
 	require.False(t, truncated, "Content should not be truncated")
 	require.Equal(t, "I love Opengist\n", content, "Content is not correct")
 	content, truncated, err = GetFileContent("thomas", "gist1", "HEAD", "my_other_file.txt", false)
 	require.NoError(t, err, "Could not get content")
 	require.False(t, truncated, "Content should not be truncated")
 	require.Equal(t, "I really\nhate Opengist", content, "Content is not correct")
 	content, truncated, err = GetFileContent("thomas", "gist1", "HEAD", "中文名.txt", false)
 	require.NoError(t, err, "Could not get content")
 	require.False(t, truncated, "Content should not be truncated")
 	require.Equal(t, "中文内容", content, "Content is not correct")
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_renamed_file.txt": "I love Opengist\n",
 		"my_other_file.txt": `I really
 like Opengist actually`,
 		"new_file.txt": "Wait now there is a new file",
 		"中文名.txt":      "中文内容",
 	})
 	files, err = GetFilesOfRepository("thomas", "gist1", "HEAD")
 	require.NoError(t, err, "Could not get files of repository")
 	require.Subset(t, []string{"my_renamed_file.txt", "my_other_file.txt", "new_file.txt", "中文名.txt"}, files, "Files are not correct")
 	content, truncated, err = GetFileContent("thomas", "gist1", "HEAD", "my_other_file.txt", false)
 	require.NoError(t, err, "Could not get content")
 	require.False(t, truncated, "Content should not be truncated")
 	require.Equal(t, "I really\nlike Opengist actually", content, "Content is not correct")
 	commits, err := GetLog("thomas", "gist1", 0)
 	require.NoError(t, err, "Could not get log")
 	require.Equal(t, 2, len(commits), "Commits count are not correct")
 	require.Regexp(t, "[a-f0-9]{40}", commits[0].Hash, "Commit ID is not correct")
 	require.Regexp(t, "[0-9]{10}", commits[0].Timestamp, "Commit timestamp is not correct")
 	require.Equal(t, "thomas", commits[0].AuthorName, "Commit author name is not correct")
 	require.Equal(t, "thomas@mail.com", commits[0].AuthorEmail, "Commit author email is not correct")
 	require.Equal(t, "4 files changed, 2 insertions, 2 deletions", commits[0].Changed, "Commit author name is not correct")
 	require.Contains(t, commits[0].Files, File{
 		Filename:    "my_renamed_file.txt",
 		OldFilename: "my_file.txt",
 		Content:     "",
 		Truncated:   false,
 		IsCreated:   false,
 		IsDeleted:   false,
 	}, "File my_renamed_file.txt is not correct")
 	require.Contains(t, commits[0].Files, File{
 		Filename:    "rip.txt",
 		OldFilename: "",
 		Content: `@@ -1 +0,0 @@
 -byebye
 \ No newline at end of file
 `,
 		Truncated: false,
 		IsCreated: false,
 		IsDeleted: true,
 	}, "File rip.txt is not correct")
 	require.Contains(t, commits[0].Files, File{
 		Filename:    "my_other_file.txt",
 		OldFilename: "my_other_file.txt",
 		Content: `@@ -1,2 +1,2 @@
 I really
 -hate Opengist
 \ No newline at end of file
 +like Opengist actually
 \ No newline at end of file
 `,
 		Truncated: false,
 		IsCreated: false,
 		IsDeleted: false,
 	}, "File my_other_file.txt is not correct")
 	require.Contains(t, commits[0].Files, File{
 		Filename:    "new_file.txt",
 		OldFilename: "",
 		Content: `@@ -0,0 +1 @@
 +Wait now there is a new file
 \ No newline at end of file
 `,
 		Truncated: false,
 		IsCreated: true,
 		IsDeleted: false,
 	}, "File new_file.txt is not correct")
 	commitsSkip1, err := GetLog("thomas", "gist1", 1)
 	require.NoError(t, err, "Could not get log")
 	require.Equal(t, commitsSkip1[0], commits[1], "Commits skips are not correct")
 }
 func TestGitGc(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	err := GcRepos()
 	require.NoError(t, err, "Could not run git gc")
 }
 func TestFork(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt": "I love Opengist\n",
 	})
 	err := ForkClone("thomas", "gist1", "thomas", "gist2")
 	require.NoError(t, err, "Could not fork repository")
 	files1, err := GetFilesOfRepository("thomas", "gist1", "HEAD")
 	require.NoError(t, err, "Could not get files of repository")
 	files2, err := GetFilesOfRepository("thomas", "gist2", "HEAD")
 	require.NoError(t, err, "Could not get files of repository")
 	require.Equal(t, files1, files2, "Files are not the same")
 }
 func TestTruncate(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt": "A",
 	})
 	content, truncated, err := GetFileContent("thomas", "gist1", "HEAD", "my_file.txt", true)
 	require.NoError(t, err, "Could not get content")
 	require.False(t, truncated, "Content should not be truncated")
 	require.Equal(t, 1, len(content), "Content size is not correct")
 	var builder strings.Builder
 	for i := 0; i < truncateLimit+10; i++ {
 		builder.WriteString("A")
 	}
 	str := builder.String()
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt": str,
 	})
 	content, truncated, err = GetFileContent("thomas", "gist1", "HEAD", "my_file.txt", true)
 	require.NoError(t, err, "Could not get content")
 	require.True(t, truncated, "Content should be truncated")
 	require.Equal(t, truncateLimit, len(content), "Content size should be at truncate limit")
 	CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt": "AA\n" + str,
 	})
 	content, truncated, err = GetFileContent("thomas", "gist1", "HEAD", "my_file.txt", true)
 	require.NoError(t, err, "Could not get content")
 	require.True(t, truncated, "Content should be truncated")
 	require.Equal(t, 2, len(content), "Content size is not correct")
 }
 func TestGitInitBranchNames(t *testing.T) {
 	SetupTest(t)
 	defer TeardownTest(t)
 	cmd := exec.Command("git", "symbolic-ref", "HEAD")
 	cmd.Dir = RepositoryPath("thomas", "gist1")
 	out, err := cmd.Output()
 	require.NoError(t, err, "Could not run git command")
 	require.Equal(t, "refs/heads/master", strings.TrimSpace(string(out)), "Repository should have master branch as default")
 	config.C.GitDefaultBranch = "main"
 	err = InitRepository("thomas", "gist2")
 	require.NoError(t, err)
 	cmd = exec.Command("git", "symbolic-ref", "HEAD")
 	cmd.Dir = RepositoryPath("thomas", "gist2")
 	out, err = cmd.Output()
 	require.NoError(t, err, "Could not run git command")
 	require.Equal(t, "refs/heads/main", strings.TrimSpace(string(out)), "Repository should have main branch as default")
 }
--- a/internal/git/config.go
+++ b/internal/git/config.go
@@ -0,0 +1,63 @@
 package git
 import (
 	"errors"
 	"os/exec"
 	"regexp"
 )
 type configEntry struct {
 	value string
 	fn    func(string, string) error
 }
 func InitGitConfig() error {
 	configs := map[string]configEntry{
 		"receive.advertisePushOptions": {value: "true", fn: setGitConfig},
 		"safe.directory":               {value: "*", fn: addGitConfig},
 	}
 	for key, entry := range configs {
 		if err := entry.fn(key, entry.value); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func setGitConfig(key, value string) error {
 	_, err := getGitConfig(key, value)
 	if err != nil && !checkErrorCode(err, 1) {
 		return err
 	}
 	cmd := exec.Command("git", "config", "--global", key, value)
 	return cmd.Run()
 }
 func addGitConfig(key, value string) error {
 	_, err := getGitConfig(key, regexp.QuoteMeta(value))
 	if err == nil {
 		return nil
 	}
 	if checkErrorCode(err, 1) {
 		cmd := exec.Command("git", "config", "--global", "--add", key, value)
 		return cmd.Run()
 	}
 	return err
 }
 func getGitConfig(key, value string) (string, error) {
 	cmd := exec.Command("git", "config", "--global", "--get", key, value)
 	out, err := cmd.Output()
 	return string(out), err
 }
 func checkErrorCode(err error, code int) bool {
 	var exitError *exec.ExitError
 	if errors.As(err, &exitError) {
 		return exitError.ExitCode() == code
 	}
 	return false
 }
--- a/internal/git/output_parser.go
+++ b/internal/git/output_parser.go
@@ -6,17 +6,18 @@ import (
 	"encoding/csv"
 	"fmt"
 	"io"
 	"regexp"
 	"strings"
 )
 type File struct {
-	Filename    string
+	Filename    string `json:"filename"`
-	OldFilename string
+	Size        uint64 `json:"size"`
-	Content     string
+	HumanSize   string `json:"human_size"`
-	Truncated   bool
+	OldFilename string `json:"-"`
-	IsCreated   bool
+	Content     string `json:"content"`
-	IsDeleted   bool
+	Truncated   bool   `json:"truncated"`
 	IsCreated   bool   `json:"-"`
 	IsDeleted   bool   `json:"-"`
 }
 type CsvFile struct {
@@ -61,124 +62,287 @@ func truncateCommandOutput(out io.Reader, maxBytes int64) (string, bool, error)
 	return string(buf), truncated, nil
 }
-func parseLog(out io.Reader, maxBytes int) []*Commit {
+// inspired from https://github.com/go-gitea/gitea/blob/main/services/gitdiff/gitdiff.go
-	scanner := bufio.NewScanner(out)
+func parseLog(out io.Reader, maxFiles int, maxBytes int) ([]*Commit, error) {
 	var commits []*Commit
 	var currentCommit *Commit
 	var currentFile *File
-	var isContent bool
+	var headerParsed = false
-	var bytesRead = 0
+	var skipped = false
-	scanNext := true
+	var line string
 	var err error
 	input := bufio.NewReaderSize(out, maxBytes)
 	// Loop Commits
 loopLog:
 	for {
 		// If a commit was skipped, do not read a new line
 		if !skipped {
 			line, err = input.ReadString('\n')
 			if err != nil {
 				if err == io.EOF {
 					break loopLog
 				}
 				return commits, err
 			}
 		}
 		// Remove trailing newline characters
 		if len(line) > 0 && (line[len(line)-1] == '\n' || line[len(line)-1] == '\r') {
 			line = line[:len(line)-1]
 		}
 		// Attempt to parse commit header (hash, author, mail, timestamp) or a diff
 		switch line[0] {
 		// Commit hash
 		case 'c':
 			if headerParsed {
 				commits = append(commits, currentCommit)
 			}
 			skipped = false
 			currentCommit = &Commit{Hash: line[2:], Files: []File{}}
 			continue
 		// Author name
 		case 'a':
 			headerParsed = true
 			currentCommit.AuthorName = line[2:]
 			continue
 		// Author email
 		case 'm':
 			currentCommit.AuthorEmail = line[2:]
 			continue
 		// Commit timestamp
 		case 't':
 			currentCommit.Timestamp = line[2:]
 			continue
 		// Commit shortstat
 		case ' ':
 			changed := []byte(line)[1:]
 			changed = bytes.ReplaceAll(changed, []byte("(+)"), []byte(""))
 			changed = bytes.ReplaceAll(changed, []byte("(-)"), []byte(""))
 			currentCommit.Changed = string(changed)
 			// shortstat is followed by an empty line
 			line, err = input.ReadString('\n')
 			if err != nil {
 				if err == io.EOF {
 					break loopLog
 				}
 				return commits, err
 			}
 			continue
 		// Commit diff
 		default:
 			// Loop files in diff
 		loopCommit:
 			for {
 				// If we have reached the maximum number of files to show for a single commit, skip to the next commit
 				if len(currentCommit.Files) >= maxFiles {
 					line, err = skipToNextCommit(input)
 					if err != nil {
 						if err == io.EOF {
 							break loopLog
 						}
 						return commits, err
 					}
 					// Skip to the next commit
 					headerParsed = false
 					skipped = true
 					break loopCommit
 				}
 				// Else create a new file and parse it
 				currentFile = &File{}
 				parseRename := true
 			loopFileDiff:
 				for {
 					line, err = input.ReadString('\n')
 					if err != nil {
 						if err != io.EOF {
 							return commits, err
 						}
 						headerParsed = false
 						break loopCommit
 					}
 					// If the line is a newline character, the commit is finished
 					if line == "\n" {
 						currentCommit.Files = append(currentCommit.Files, *currentFile)
 						headerParsed = false
 						break loopCommit
 					}
 					// Attempt to parse the file header
 					switch {
 					case strings.HasPrefix(line, "diff --git"):
 						currentCommit.Files = append(currentCommit.Files, *currentFile)
 						headerParsed = false
 						break loopFileDiff
 					case strings.HasPrefix(line, "old mode"):
 					case strings.HasPrefix(line, "new mode"):
 					case strings.HasPrefix(line, "index"):
 					case strings.HasPrefix(line, "similarity index"):
 					case strings.HasPrefix(line, "dissimilarity index"):
 						continue
 					case strings.HasPrefix(line, "rename from "):
 						currentFile.OldFilename = convertOctalToUTF8(line[12 : len(line)-1])
 					case strings.HasPrefix(line, "rename to "):
 						currentFile.Filename = convertOctalToUTF8(line[10 : len(line)-1])
 						parseRename = false
 					case strings.HasPrefix(line, "copy from "):
 						currentFile.OldFilename = convertOctalToUTF8(line[10 : len(line)-1])
 					case strings.HasPrefix(line, "copy to "):
 						currentFile.Filename = convertOctalToUTF8(line[8 : len(line)-1])
 						parseRename = false
 					case strings.HasPrefix(line, "new file"):
 						currentFile.IsCreated = true
 					case strings.HasPrefix(line, "deleted file"):
 						currentFile.IsDeleted = true
 					case strings.HasPrefix(line, "--- "):
 						name := convertOctalToUTF8(line[4 : len(line)-1])
 						if parseRename && currentFile.IsDeleted {
 							currentFile.Filename = name[2:]
 						} else if parseRename && strings.HasPrefix(name, "a/") {
 							currentFile.OldFilename = name[2:]
 						}
 					case strings.HasPrefix(line, "+++ "):
 						name := convertOctalToUTF8(line[4 : len(line)-1])
 						if parseRename && strings.HasPrefix(name, "b/") {
 							currentFile.Filename = name[2:]
 						}
 						// Header is finally parsed, now we can parse the file diff content
 						lineBytes, isFragment, err := parseDiffContent(currentFile, maxBytes, input)
 						if err != nil {
 							if err != io.EOF {
 								return commits, err
 							}
 							// EOF reached, commit is finished
 							currentCommit.Files = append(currentCommit.Files, *currentFile)
 							headerParsed = false
 							break loopCommit
 						}
 						currentCommit.Files = append(currentCommit.Files, *currentFile)
 						if string(lineBytes) == "" {
 							headerParsed = false
 							break loopCommit
 						}
 						for isFragment {
 							_, isFragment, err = input.ReadLine()
 							if err != nil {
 								return commits, fmt.Errorf("unable to ReadLine: %w", err)
 							}
 						}
 						break loopFileDiff
 					}
 				}
 			}
 		}
 		commits = append(commits, currentCommit)
 	}
 	return commits, nil
 }
 func parseDiffContent(currentFile *File, maxBytes int, input *bufio.Reader) (lineBytes []byte, isFragment bool, err error) {
 	sb := &strings.Builder{}
 	var currFileLineCount int
 	for {
-		if scanNext && !scanner.Scan() {
+		for isFragment {
-			break
+			currentFile.Truncated = true
 			// Read the next line
 			_, isFragment, err = input.ReadLine()
 			if err != nil {
 				return nil, false, err
 			}
 		}
 		scanNext = true
-		// new commit found
+		sb.Reset()
 		currentFile = nil
 		currentCommit = &Commit{Hash: string(scanner.Bytes()[2:]), Files: []File{}}
-		scanner.Scan()
+		// Read the next line
-		currentCommit.AuthorName = string(scanner.Bytes()[2:])
+		lineBytes, isFragment, err = input.ReadLine()
 		if err != nil {
 			if err == io.EOF {
 				return lineBytes, isFragment, err
 			}
 			return nil, false, err
 		}
-		scanner.Scan()
+		// End of file
-		currentCommit.AuthorEmail = string(scanner.Bytes()[2:])
+		if len(lineBytes) == 0 {
 			return lineBytes, false, err
 		}
 		if lineBytes[0] == 'd' {
 			return lineBytes, false, err
 		}
-		scanner.Scan()
+		if currFileLineCount >= maxBytes {
-		currentCommit.Timestamp = string(scanner.Bytes()[2:])
+			currentFile.Truncated = true
 		scanner.Scan()
 		// if there is no shortstat, it means that the commit is empty, we add it and move onto the next one
 		if scanner.Bytes()[0] != ' ' {
 			commits = append(commits, currentCommit)
 			// avoid scanning the next line, as we already did it
 			scanNext = false
 			continue
 		}
-		changed := scanner.Bytes()[1:]
+		line := string(lineBytes)
-		changed = bytes.ReplaceAll(changed, []byte("(+)"), []byte(""))
+		if isFragment {
-		changed = bytes.ReplaceAll(changed, []byte("(-)"), []byte(""))
+			currentFile.Truncated = true
-		currentCommit.Changed = string(changed)
+			for isFragment {
-
+				lineBytes, isFragment, err = input.ReadLine()
-		// twice because --shortstat adds a new line
+				if err != nil {
-		scanner.Scan()
+					return lineBytes, isFragment, fmt.Errorf("unable to ReadLine: %w", err)
 		scanner.Scan()
 		// commit header parsed
 		// files changes inside the commit
 		for {
 			line := scanner.Bytes()
 			// end of content of file
 			if len(line) == 0 {
 				isContent = false
 				if currentFile != nil {
 					currentCommit.Files = append(currentCommit.Files, *currentFile)
 				}
 				break
 			}
 			// new file found
 			if bytes.HasPrefix(line, []byte("diff --git")) {
 				// current file is finished, we can add it to the commit
 				if currentFile != nil {
 					currentCommit.Files = append(currentCommit.Files, *currentFile)
 				}
 				// create a new file
 				isContent = false
 				bytesRead = 0
 				currentFile = &File{}
 				filenameRegex := regexp.MustCompile(`^diff --git a/(.+) b/(.+)$`)
 				matches := filenameRegex.FindStringSubmatch(string(line))
 				if len(matches) == 3 {
 					currentFile.Filename = matches[2]
 					if matches[1] != matches[2] {
 						currentFile.OldFilename = matches[1]
 					}
 				}
 				scanner.Scan()
 				continue
 			}
 			if bytes.HasPrefix(line, []byte("new")) {
 				currentFile.IsCreated = true
 			}
 			if bytes.HasPrefix(line, []byte("deleted")) {
 				currentFile.IsDeleted = true
 			}
 			// file content found
 			if line[0] == '@' {
 				isContent = true
 			}
 			if isContent {
 				currentFile.Content += string(line) + "\n"
 				bytesRead += len(line)
 				if bytesRead > maxBytes {
 					currentFile.Truncated = true
 					currentFile.Content = ""
 					isContent = false
 				}
 			}
 			scanner.Scan()
 		}
-		commits = append(commits, currentCommit)
+		if len(line) > maxBytes {
-
+			currentFile.Truncated = true
 			line = line[:maxBytes]
 		}
 		currentFile.Content += line + "\n"
 	}
 }
-	return commits
+func skipToNextCommit(input *bufio.Reader) (line string, err error) {
 	// need to skip until the next cmdDiffHead
 	var isFragment, wasFragment bool
 	var lineBytes []byte
 	for {
 		lineBytes, isFragment, err = input.ReadLine()
 		if err != nil {
 			return "", err
 		}
 		if wasFragment {
 			wasFragment = isFragment
 			continue
 		}
 		if bytes.HasPrefix(lineBytes, []byte("c")) {
 			break
 		}
 		wasFragment = isFragment
 	}
 	line = string(lineBytes)
 	if isFragment {
 		var tail string
 		tail, err = input.ReadString('\n')
 		if err != nil {
 			return "", err
 		}
 		line += tail
 	}
 	return line, err
 }
 func ParseCsv(file *File) (*CsvFile, error) {
--- a/internal/git/test_funcs.go
+++ b/internal/git/test_funcs.go
@@ -0,0 +1,71 @@
 package git
 import (
 	"github.com/stretchr/testify/require"
 	"github.com/thomiceli/opengist/internal/config"
 	"io"
 	"os"
 	"os/exec"
 	"path"
 	"path/filepath"
 	"strings"
 	"testing"
 )
 func SetupTest(t *testing.T) {
 	_ = os.Setenv("OPENGIST_SKIP_GIT_HOOKS", "1")
 	err := config.InitConfig("", io.Discard)
 	require.NoError(t, err, "Could not init config")
 	err = os.MkdirAll(path.Join(config.GetHomeDir(), "tests"), 0755)
 	ReposDirectory = path.Join("tests")
 	require.NoError(t, err)
 	err = os.MkdirAll(filepath.Join(config.GetHomeDir(), "tmp", "repos"), 0755)
 	require.NoError(t, err)
 	err = InitRepository("thomas", "gist1")
 	require.NoError(t, err)
 }
 func TeardownTest(t *testing.T) {
 	err := os.RemoveAll(path.Join(config.GetHomeDir(), "tests"))
 	require.NoError(t, err, "Could not remove repos directory")
 }
 func CommitToBare(t *testing.T, user string, gist string, files map[string]string) {
 	err := CloneTmp(user, gist, gist, "thomas@mail.com", true)
 	require.NoError(t, err, "Could not clone repository")
 	if len(files) > 0 {
 		for filename, content := range files {
 			if strings.Contains(filename, "/") {
 				dir := filepath.Dir(filename)
 				err := os.MkdirAll(filepath.Join(TmpRepositoryPath(gist), dir), os.ModePerm)
 				require.NoError(t, err, "Could not create directory")
 			}
 			_ = os.WriteFile(filepath.Join(TmpRepositoryPath(gist), filename), []byte(content), 0644)
 			if err := AddAll(gist); err != nil {
 				require.NoError(t, err, "Could not add all to repository")
 			}
 		}
 	}
 	if err := CommitRepository(gist, user, "thomas@mail.com"); err != nil {
 		require.NoError(t, err, "Could not commit to repository")
 	}
 	if err := Push(gist); err != nil {
 		require.NoError(t, err, "Could not push to repository")
 	}
 }
 func LastHashOfCommit(t *testing.T, user string, gist string) string {
 	cmd := exec.Command("git", "rev-parse", "HEAD")
 	cmd.Dir = RepositoryPath(user, gist)
 	out, err := cmd.Output()
 	require.NoError(t, err, "Could not run git command")
 	return strings.TrimSpace(string(out))
 }
--- a/internal/hooks/hook.go
+++ b/internal/hooks/hook.go
@@ -0,0 +1,24 @@
 package hooks
 import (
 	"fmt"
 	"os"
 	"strconv"
 	"strings"
 )
 const BaseHash = "0000000000000000000000000000000000000000"
 func pushOptions() map[string]string {
 	opts := make(map[string]string)
 	if pushCount, err := strconv.Atoi(os.Getenv("GIT_PUSH_OPTION_COUNT")); err == nil {
 		for i := 0; i < pushCount; i++ {
 			opt := os.Getenv(fmt.Sprintf("GIT_PUSH_OPTION_%d", i))
 			kv := strings.SplitN(opt, "=", 2)
 			if len(kv) == 2 {
 				opts[kv[0]] = kv[1]
 			}
 		}
 	}
 	return opts
 }
--- a/internal/hooks/post_receive.go
+++ b/internal/hooks/post_receive.go
@@ -0,0 +1,112 @@
 package hooks
 import (
 	"bufio"
 	"fmt"
 	"github.com/thomiceli/opengist/internal/db"
 	"github.com/thomiceli/opengist/internal/git"
 	validatorpkg "github.com/thomiceli/opengist/internal/validator"
 	"io"
 	"os"
 	"os/exec"
 	"slices"
 	"strings"
 )
 func PostReceive(in io.Reader, out, er io.Writer) error {
 	var outputSb strings.Builder
 	newGist := false
 	opts := pushOptions()
 	gistUrl := os.Getenv("OPENGIST_REPOSITORY_URL_INTERNAL")
 	validator := validatorpkg.NewValidator()
 	scanner := bufio.NewScanner(in)
 	for scanner.Scan() {
 		line := scanner.Text()
 		parts := strings.Fields(line)
 		if len(parts) != 3 {
 			_, _ = fmt.Fprintln(er, "Invalid input")
 			return fmt.Errorf("invalid input")
 		}
 		oldrev, _, refname := parts[0], parts[1], parts[2]
 		if err := verifyHEAD(); err != nil {
 			setSymbolicRef(refname)
 		}
 		if oldrev == BaseHash {
 			newGist = true
 		}
 	}
 	gist, err := db.GetGistByID(os.Getenv("OPENGIST_REPOSITORY_ID"))
 	if err != nil {
 		_, _ = fmt.Fprintln(er, "Failed to get gist")
 		return fmt.Errorf("failed to get gist: %w", err)
 	}
 	if slices.Contains([]string{"public", "unlisted", "private"}, opts["visibility"]) {
 		gist.Private = db.ParseVisibility(opts["visibility"])
 		outputSb.WriteString(fmt.Sprintf("Gist visibility set to %s\n\n", opts["visibility"]))
 	}
 	if opts["url"] != "" && validator.Var(opts["url"], "max=32,alphanumdashorempty") == nil {
 		gist.URL = opts["url"]
 		lastIndex := strings.LastIndex(gistUrl, "/")
 		gistUrl = gistUrl[:lastIndex+1] + gist.URL
 		if !newGist {
 			outputSb.WriteString(fmt.Sprintf("Gist URL set to %s. Set the Git remote URL via:\n", gistUrl))
 			outputSb.WriteString(fmt.Sprintf("git remote set-url origin %s\n\n", gistUrl))
 		}
 	}
 	if opts["title"] != "" && validator.Var(opts["title"], "max=250") == nil {
 		gist.Title = opts["title"]
 		outputSb.WriteString(fmt.Sprintf("Gist title set to \"%s\"\n\n", opts["title"]))
 	}
 	if opts["description"] != "" && validator.Var(opts["description"], "max=1000") == nil {
 		gist.Description = opts["description"]
 		outputSb.WriteString(fmt.Sprintf("Gist description set to \"%s\"\n\n", opts["description"]))
 	}
 	if hasNoCommits, err := git.HasNoCommits(gist.User.Username, gist.Uuid); err != nil {
 		_, _ = fmt.Fprintln(er, "Failed to check if gist has no commits")
 		return fmt.Errorf("failed to check if gist has no commits: %w", err)
 	} else if hasNoCommits {
 		if err = gist.Delete(); err != nil {
 			_, _ = fmt.Fprintln(er, "Failed to delete gist")
 			return fmt.Errorf("failed to delete gist: %w", err)
 		}
 	}
 	_ = gist.SetLastActiveNow()
 	err = gist.UpdatePreviewAndCount(true)
 	if err != nil {
 		_, _ = fmt.Fprintln(er, "Failed to update gist")
 		return fmt.Errorf("failed to update gist: %w", err)
 	}
 	gist.AddInIndex()
 	if newGist {
 		outputSb.WriteString(fmt.Sprintf("Your new gist has been created here: %s\n", gistUrl))
 		outputSb.WriteString("If you want to keep working with your gist, you could set the Git remote URL via:\n")
 		outputSb.WriteString(fmt.Sprintf("git remote set-url origin %s\n\n", gistUrl))
 	}
 	outputStr := outputSb.String()
 	if outputStr != "" {
 		_, _ = fmt.Fprint(out, "\n"+outputStr)
 	}
 	return nil
 }
 func verifyHEAD() error {
 	return exec.Command("git", "rev-parse", "--verify", "--quiet", "HEAD").Run()
 }
 func setSymbolicRef(refname string) {
 	_ = exec.Command("git", "symbolic-ref", "HEAD", refname).Run()
 }
--- a/internal/hooks/pre_receive.go
+++ b/internal/hooks/pre_receive.go
@@ -0,0 +1,78 @@
 package hooks
 import (
 	"bufio"
 	"bytes"
 	"fmt"
 	"io"
 	"os/exec"
 	"strings"
 )
 func PreReceive(in io.Reader, out, er io.Writer) error {
 	var err error
 	var disallowedFiles []string
 	var disallowedCommits []string
 	scanner := bufio.NewScanner(in)
 	for scanner.Scan() {
 		line := scanner.Text()
 		parts := strings.Split(line, " ")
 		if len(parts) < 3 {
 			_, _ = fmt.Fprintln(er, "Invalid input")
 			return fmt.Errorf("invalid input")
 		}
 		oldRev, newRev := parts[0], parts[1]
 		var changedFiles string
 		if oldRev == BaseHash {
 			// First commit
 			if changedFiles, err = getChangedFiles(newRev); err != nil {
 				_, _ = fmt.Fprintln(er, "Failed to get changed files")
 				return err
 			}
 		} else {
 			if changedFiles, err = getChangedFiles(fmt.Sprintf("%s..%s", oldRev, newRev)); err != nil {
 				_, _ = fmt.Fprintln(er, "Failed to get changed files")
 				return err
 			}
 		}
 		var currentCommit string
 		for _, file := range strings.Fields(changedFiles) {
 			if strings.HasPrefix(file, "/") {
 				currentCommit = file[1:]
 			}
 			if strings.Contains(file[1:], "/") {
 				disallowedFiles = append(disallowedFiles, file)
 				disallowedCommits = append(disallowedCommits, currentCommit[0:7])
 			}
 		}
 	}
 	if len(disallowedFiles) > 0 {
 		_, _ = fmt.Fprintln(out, "\nPushing files in directories is not allowed:")
 		for i := range disallowedFiles {
 			_, _ = fmt.Fprintf(out, "  %s (%s)\n", disallowedFiles[i], disallowedCommits[i])
 		}
 		_, _ = fmt.Fprintln(out)
 		return fmt.Errorf("pushing files in directories is not allowed: %s", disallowedFiles)
 	}
 	return nil
 }
 func getChangedFiles(rev string) (string, error) {
 	cmd := exec.Command("git", "log", "--name-only", "--format=/%H", "--diff-filter=AM", rev)
 	var out bytes.Buffer
 	cmd.Stdout = &out
 	err := cmd.Run()
 	if err != nil {
 		return "", err
 	}
 	return out.String(), nil
 }
--- a/internal/hooks/pre_receive_test.go
+++ b/internal/hooks/pre_receive_test.go
@@ -0,0 +1,54 @@
 package hooks
 import (
 	"bytes"
 	"fmt"
 	"github.com/stretchr/testify/require"
 	"github.com/thomiceli/opengist/internal/git"
 	"os"
 	"testing"
 )
 func TestPreReceiveHook(t *testing.T) {
 	git.SetupTest(t)
 	defer git.TeardownTest(t)
 	var lastCommitHash string
 	err := os.Chdir(git.RepositoryPath("thomas", "gist1"))
 	require.NoError(t, err, "Could not change directory")
 	git.CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt":  "some allowed file",
 		"my_file2.txt": "some allowed file\nagain",
 	})
 	lastCommitHash = git.LastHashOfCommit(t, "thomas", "gist1")
 	err = PreReceive(bytes.NewBufferString(fmt.Sprintf("%s %s %s", BaseHash, lastCommitHash, "refs/heads/master")), os.Stdout, os.Stderr)
 	require.NoError(t, err, "Should not have an error on pre-receive hook for commit+push 1")
 	git.CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt":     "some allowed file",
 		"dir/my_file.txt": "some disallowed file suddenly",
 	})
 	lastCommitHash = git.LastHashOfCommit(t, "thomas", "gist1")
 	err = PreReceive(bytes.NewBufferString(fmt.Sprintf("%s %s %s", BaseHash, lastCommitHash, "refs/heads/master")), os.Stdout, os.Stderr)
 	require.Error(t, err, "Should have an error on pre-receive hook for commit+push 2")
 	require.Equal(t, "pushing files in directories is not allowed: [dir/my_file.txt]", err.Error(), "Error message is not correct")
 	git.CommitToBare(t, "thomas", "gist1", map[string]string{
 		"my_file.txt":           "some allowed file",
 		"dir/ok/afileagain.txt": "some disallowed file\nagain",
 	})
 	lastCommitHash = git.LastHashOfCommit(t, "thomas", "gist1")
 	err = PreReceive(bytes.NewBufferString(fmt.Sprintf("%s %s %s", BaseHash, lastCommitHash, "refs/heads/master")), os.Stdout, os.Stderr)
 	require.Error(t, err, "Should have an error on pre-receive hook for commit+push 3")
 	require.Equal(t, "pushing files in directories is not allowed: [dir/ok/afileagain.txt dir/my_file.txt]", err.Error(), "Error message is not correct")
 	git.CommitToBare(t, "thomas", "gist1", map[string]string{
 		"allowedfile.txt": "some allowed file only",
 	})
 	lastCommitHash = git.LastHashOfCommit(t, "thomas", "gist1")
 	err = PreReceive(bytes.NewBufferString(fmt.Sprintf("%s %s %s", BaseHash, lastCommitHash, "refs/heads/master")), os.Stdout, os.Stderr)
 	require.Error(t, err, "Should have an error on pre-receive hook for commit+push 4")
 	require.Equal(t, "pushing files in directories is not allowed: [dir/ok/afileagain.txt dir/my_file.txt]", err.Error(), "Error message is not correct")
 	_ = os.Chdir(os.TempDir()) // Leave the current dir to avoid errors on teardown
 }
--- a/internal/i18n/locale.go
+++ b/internal/i18n/locale.go
@@ -0,0 +1,140 @@
 package i18n
 import (
 	"fmt"
 	"github.com/thomiceli/opengist/internal/i18n/locales"
 	"golang.org/x/text/cases"
 	"golang.org/x/text/language"
 	"golang.org/x/text/language/display"
 	"gopkg.in/yaml.v3"
 	"html/template"
 	"io"
 	"io/fs"
 	"path/filepath"
 	"strings"
 )
 var Locales = NewLocaleStore()
 type LocaleStore struct {
 	Locales map[string]*Locale
 }
 type Locale struct {
 	Code     string
 	Name     string
 	Messages map[string]string
 }
 // NewLocaleStore creates a new LocaleStore
 func NewLocaleStore() *LocaleStore {
 	return &LocaleStore{
 		Locales: make(map[string]*Locale),
 	}
 }
 // loadLocaleFromYAML loads a single Locale from a given YAML file
 func (store *LocaleStore) loadLocaleFromYAML(localeCode, path string) error {
 	a, err := locales.Files.Open(path)
 	if err != nil {
 		return err
 	}
 	data, err := io.ReadAll(a)
 	if err != nil {
 		return err
 	}
 	tag, err := language.Parse(localeCode)
 	if err != nil {
 		return err
 	}
 	name := display.Self.Name(tag)
 	if tag == language.AmericanEnglish {
 		name = "English"
 	} else if tag == language.EuropeanSpanish {
 		name = "Español"
 	}
 	locale := &Locale{
 		Code:     localeCode,
 		Name:     cases.Title(language.English).String(name),
 		Messages: make(map[string]string),
 	}
 	err = yaml.Unmarshal(data, &locale.Messages)
 	if err != nil {
 		return err
 	}
 	store.Locales[localeCode] = locale
 	return nil
 }
 func (store *LocaleStore) LoadAll() error {
 	return fs.WalkDir(locales.Files, ".", func(path string, d fs.DirEntry, err error) error {
 		if err != nil {
 			return err
 		}
 		if !d.IsDir() {
 			localeKey := strings.TrimSuffix(path, filepath.Ext(path))
 			err := store.loadLocaleFromYAML(localeKey, path)
 			if err != nil {
 				return err
 			}
 		}
 		return nil
 	})
 }
 func (store *LocaleStore) GetLocale(lang string) (*Locale, error) {
 	_, ok := store.Locales[lang]
 	if !ok {
 		return nil, fmt.Errorf("locale %s not found", lang)
 	}
 	return store.Locales[lang], nil
 }
 func (store *LocaleStore) HasLocale(lang string) bool {
 	_, ok := store.Locales[lang]
 	return ok
 }
 func (store *LocaleStore) MatchTag(langs []language.Tag) string {
 	for _, lang := range langs {
 		if store.HasLocale(lang.String()) {
 			return lang.String()
 		}
 	}
 	return "en-US"
 }
 func (l *Locale) String(key string, args ...any) string {
 	message := l.Messages[key]
 	if message == "" {
 		return Locales.Locales["en-US"].String(key, args...)
 	}
 	if len(args) == 0 {
 		return message
 	}
 	return fmt.Sprintf(message, args...)
 }
 func (l *Locale) Tr(key string, args ...any) template.HTML {
 	message := l.Messages[key]
 	if message == "" {
 		return Locales.Locales["en-US"].Tr(key, args...)
 	}
 	if len(args) == 0 {
 		return template.HTML(message)
 	}
 	return template.HTML(fmt.Sprintf(message, args...))
 }
--- a/Show More
+++ b/Show More