--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/.coveragerc	Thu Jun 07 01:46:02 2018 +0200
@@ -0,0 +1,19 @@
+[run]
+omit =
+    # the bin scripts are not part of the Kallithea web app
+    kallithea/bin/*
+    # we ship with no active extensions
+    kallithea/config/rcextensions/*
+    # dbmigrate and paster_commands are not part of the Kallithea web app
+    kallithea/lib/dbmigrate/*
+    kallithea/lib/paster_commands/*
+    # the tests themselves should not be part of the coverage report
+    kallithea/tests/*
+    # the scm hooks are not run in the kallithea process
+    kallithea/config/post_receive_tmpl.py
+    kallithea/config/pre_receive_tmpl.py
+
+[paths]
+source =
+    kallithea/
+    **/workspace/*/kallithea

--- a/.hgignore	Wed Jun 06 21:37:21 2018 +0200
+++ b/.hgignore	Thu Jun 07 01:46:02 2018 +0200
@@ -8,6 +8,7 @@
 *.mo
 .eggs/
 tarballcache/
+node_modules/
 
 syntax: regexp
 ^rcextensions
@@ -16,12 +17,13 @@
 ^docs/build/
 ^docs/_build/
 ^data$
-^kallithea/tests/data$
 ^sql_dumps/
 ^\.settings$
 ^\.project$
 ^\.pydevproject$
 ^\.coverage$
+^kallithea/public/css/style\.css(\.map)?$
+^theme\.less$
 ^kallithea\.db$
 ^test\.db$
 ^Kallithea\.egg-info$
@@ -29,3 +31,4 @@
 ^fabfile.py
 ^\.idea$
 ^\.cache$
+/__pycache__$

--- a/.travis.yml	Wed Jun 06 21:37:21 2018 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,41 +0,0 @@
-language: python
-python:
-  - "2.6"
-  - "2.7"
-
-env:  
-  - TEST_DB=sqlite:////tmp/kallithea_test.sqlite
-  - TEST_DB=mysql://root@127.0.0.1/kallithea_test
-  - TEST_DB=postgresql://postgres@127.0.0.1/kallithea_test
-
-services:
-  - mysql
-  - postgresql
-
-# command to install dependencies
-before_script:
-  - mysql -e 'create database kallithea_test;'
-  - psql -c 'create database kallithea_test;' -U postgres
-  - git --version
-
-before_install:
-  - sudo apt-get remove git
-  - sudo add-apt-repository ppa:pdoes/ppa -y
-  - sudo apt-get update -y
-  - sudo apt-get install git -y
-
-install:
-  - pip install mysql-python psycopg2 mock unittest2
-  - pip install . --use-mirrors
-
-# command to run tests
-script: nosetests
-
-notifications:
-    email:
-        - ci@kallithea-scm.org
-    irc: "irc.freenode.org#kallithea"
-
-branches:
-  only:
-    - master

--- a/CONTRIBUTORS	Wed Jun 06 21:37:21 2018 +0200
+++ b/CONTRIBUTORS	Thu Jun 07 01:46:02 2018 +0200
@@ -1,23 +1,41 @@
 List of contributors to Kallithea project:
 
+    Dominik Ruf <dominikruf@gmail.com> 2012 2014-2018
     Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> 2014-2018
     Branko Majic <branko@majic.rs> 2015 2018
     Mads Kiilerich <mads@kiilerich.com> 2016-2018
+    Chris Rule <crule@aegistg.com> 2018
+    Patrick Vane <patrick_vane@lowentry.com> 2018
     Mads Kiilerich <madski@unity3d.com> 2012-2017
     Unity Technologies 2012-2017
     Andrew Shadura <andrew@shadura.me> 2012 2014-2017
-    Dominik Ruf <dominikruf@gmail.com> 2012 2014 2016-2017
-    Étienne Gilli <etienne.gilli@gmail.com> 2015 2017
+    Étienne Gilli <etienne.gilli@gmail.com> 2015-2017
+    Søren Løvborg <sorenl@unity3d.com> 2015-2017
     Sam Jaques <sam.jaques@me.com> 2015 2017
+    Asterios Dimitriou <steve@pci.gr> 2016-2017
+    Alessandro Molina <alessandro.molina@axant.it> 2017
+    Anton Schur <tonich.sh@gmail.com> 2017
     Ching-Chen Mao <mao@lins.fju.edu.tw> 2017
+    Eivind Tagseth <eivindt@gmail.com> 2017
     FUJIWARA Katsunori <foozy@lares.dti.ne.jp> 2017
+    Holger Schramm <info@schramm.by> 2017
+    Karl Goetz <karl@kgoetz.id.au> 2017
+    Lars Kruse <devel@sumpfralle.de> 2017
+    Marko Semet <markosemet@googlemail.com> 2017
     Viktar Vauchkevich <victorenator@gmail.com> 2017
     Takumi IINO <trot.thunder@gmail.com> 2012-2016
-    Søren Løvborg <sorenl@unity3d.com> 2015-2016
+    Jan Heylen <heyleke@gmail.com> 2015-2016
+    Robert Martinez <ntttq@inboxen.org> 2015-2016
+    Robert Rauch <mail@robertrauch.de> 2015-2016
+    Angel Ezquerra <angel.ezquerra@gmail.com> 2016
     Anton Shestakov <av6@dwimlabs.net> 2016
     Brandon Jones <bjones14@gmail.com> 2016
+    Kateryna Musina <kateryna@unity3d.com> 2016
     Konstantin Veretennicov <kveretennicov@gmail.com> 2016
+    Oscar Curero <oscar@naiandei.net> 2016
     Robert James Dennington <tinytimrob@googlemail.com> 2016
+    timeless@gmail.com 2016
+    YFdyh000 <yfdyh000@gmail.com> 2016
     Aras Pranckevičius <aras@unity3d.com> 2012-2013 2015
     Sean Farley <sean.michael.farley@gmail.com> 2013-2015
     Christian Oyarzun <oyarzun@gmail.com> 2014-2015
@@ -33,7 +51,7 @@
     duanhongyi <duanhongyi@doopai.com> 2015
     EriCSN Chang <ericsning@gmail.com> 2015
     Grzegorz Krason <grzegorz.krason@gmail.com> 2015
-    Jan Heylen <heyleke@gmail.com> 2015
+    Jiří Suchan <yed@vanyli.net> 2015
     Kazunari Kobayashi <kobanari@nifty.com> 2015
     Kevin Bullock <kbullock@ringworld.org> 2015
     kobanari <kobanari@nifty.com> 2015
@@ -46,11 +64,10 @@
     Nick High <nick@silverchip.org> 2015
     Niemand Jedermann <predatorix@web.de> 2015
     Peter Vitt <petervitt@web.de> 2015
-    Robert Martinez <ntttq@inboxen.org> 2015
-    Robert Rauch <mail@robertrauch.de> 2015
     Ronny Pfannschmidt <opensource@ronnypfannschmidt.de> 2015
     Tuux <tuxa@galaxie.eu.org> 2015
     Viktar Palstsiuk <vipals@gmail.com> 2015
+    Ante Ilic <ante@unity3d.com> 2014
     Bradley M. Kuhn <bkuhn@sfconservancy.org> 2014
     Calinou <calinou@opmbx.org> 2014
     Daniel Anderson <daniel@dattrix.com> 2014

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Jenkinsfile	Thu Jun 07 01:46:02 2018 +0200
@@ -0,0 +1,212 @@
+def createvirtualenv = ''
+def activatevirtualenv = ''
+
+node {
+    properties([[$class: 'BuildDiscarderProperty',
+                  strategy: [$class: 'LogRotator',
+                              artifactDaysToKeepStr: '',
+                              artifactNumToKeepStr: '10',
+                              daysToKeepStr: '',
+                              numToKeepStr: '']]]);
+    if (isUnix()) {
+        createvirtualenv = 'rm -r $JENKINS_HOME/venv/$JOB_NAME || true && virtualenv $JENKINS_HOME/venv/$JOB_NAME'
+        activatevirtualenv = '. $JENKINS_HOME/venv/$JOB_NAME/bin/activate'
+    } else {
+        createvirtualenv = 'rmdir /s /q %JENKINS_HOME%\\venv\\%JOB_NAME% || true && virtualenv %JENKINS_HOME%\\venv\\%JOB_NAME%'
+        activatevirtualenv = 'call %JENKINS_HOME%\\venv\\%JOB_NAME%\\Scripts\\activate.bat'
+    }
+
+    stage('checkout') {
+        checkout scm
+        if (isUnix()) {
+            sh 'hg --config extensions.purge= purge --all'
+        } else {
+            bat 'hg --config extensions.purge= purge --all'
+        }
+    }
+    stage('virtual env') {
+        def virtualenvscript = """$createvirtualenv
+            $activatevirtualenv
+            python -m pip install --upgrade pip
+            pip install --upgrade setuptools
+            pip install --upgrade pylint
+            pip install --upgrade pytest-cov
+            """
+        if (isUnix()) {
+            virtualenvscript += """
+                pip install --upgrade python-ldap
+                pip install --upgrade python-pam
+                """
+            sh virtualenvscript
+        } else {
+            bat virtualenvscript
+        }
+    }
+    stage('setup') {
+        def virtualenvscript = """$activatevirtualenv
+            pip install --upgrade -e .
+            pip install -r dev_requirements.txt
+            python setup.py compile_catalog
+            """
+        if (isUnix()) {
+            sh virtualenvscript
+        } else {
+            bat virtualenvscript
+        }
+        stash name: 'kallithea', useDefaultExcludes: false
+    }
+    stage('pylint') {
+        sh script: """$activatevirtualenv
+            pylint -j 0 --disable=C -f parseable kallithea > pylint.out
+            """, returnStatus: true
+        archiveArtifacts 'pylint.out'
+        try {
+            step([$class: 'WarningsPublisher', canComputeNew: false, canResolveRelativePaths: false, defaultEncoding: '', excludePattern: '', healthy: '', includePattern: '', messagesPattern: '', parserConfigurations: [[parserName: 'PyLint', pattern: 'pylint.out']], unHealthy: ''])
+        } catch (java.lang.IllegalArgumentException exc) {
+            echo "You need to install the 'Warnings Plug-in' to display the pylint report."
+            currentBuild.result = 'UNSTABLE'
+            echo "Caught: ${exc}"
+        }
+    }
+}
+
+def pytests = [:]
+pytests['sqlite'] = {
+    node {
+        ws {
+            deleteDir()
+            unstash name: 'kallithea'
+            if (isUnix()) {
+                sh script: """$activatevirtualenv
+                    py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_sqlite.xml --cov=kallithea
+                    """, returnStatus: true
+            } else {
+                bat script: """$activatevirtualenv
+                    py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_sqlite.xml --cov=kallithea
+                    """, returnStatus: true
+            }
+            sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1SQLITE./g" pytest_sqlite.xml'
+            archiveArtifacts 'pytest_sqlite.xml'
+            junit 'pytest_sqlite.xml'
+            writeFile(file: '.coverage.sqlite', text: readFile('.coverage'))
+            stash name: 'coverage.sqlite', includes: '.coverage.sqlite'
+        }
+    }
+}
+
+pytests['de'] = {
+    node {
+        if (isUnix()) {
+            ws {
+                deleteDir()
+                unstash name: 'kallithea'
+                withEnv(['LANG=de_DE.UTF-8',
+                    'LANGUAGE=de',
+                    'LC_ADDRESS=de_DE.UTF-8',
+                    'LC_IDENTIFICATION=de_DE.UTF-8',
+                    'LC_MEASUREMENT=de_DE.UTF-8',
+                    'LC_MONETARY=de_DE.UTF-8',
+                    'LC_NAME=de_DE.UTF-8',
+                    'LC_NUMERIC=de_DE.UTF-8',
+                    'LC_PAPER=de_DE.UTF-8',
+                    'LC_TELEPHONE=de_DE.UTF-8',
+                    'LC_TIME=de_DE.UTF-8',
+                ]) {
+                    sh script: """$activatevirtualenv
+                        py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_de.xml --cov=kallithea
+                        """, returnStatus: true
+                }
+                sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1DE./g" pytest_de.xml'
+                archiveArtifacts 'pytest_de.xml'
+                junit 'pytest_de.xml'
+                writeFile(file: '.coverage.de', text: readFile('.coverage'))
+                stash name: 'coverage.de', includes: '.coverage.de'
+            }
+        }
+    }
+}
+pytests['mysql'] = {
+    node {
+        if (isUnix()) {
+            ws {
+                deleteDir()
+                unstash name: 'kallithea'
+                sh """$activatevirtualenv
+                    pip install --upgrade MySQL-python
+                    """
+                withEnv(['TEST_DB=mysql://kallithea:kallithea@jenkins_mysql/kallithea_test?charset=utf8']) {
+                    if (isUnix()) {
+                        sh script: """$activatevirtualenv
+                            py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_mysql.xml --cov=kallithea
+                            """, returnStatus: true
+                    } else {
+                        bat script: """$activatevirtualenv
+                            py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_mysql.xml --cov=kallithea
+                            """, returnStatus: true
+                    }
+                }
+                sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1MYSQL./g" pytest_mysql.xml'
+                archiveArtifacts 'pytest_mysql.xml'
+                junit 'pytest_mysql.xml'
+                writeFile(file: '.coverage.mysql', text: readFile('.coverage'))
+                stash name: 'coverage.mysql', includes: '.coverage.mysql'
+            }
+        }
+    }
+}
+pytests['postgresql'] = {
+    node {
+        if (isUnix()) {
+            ws {
+                deleteDir()
+                unstash name: 'kallithea'
+                sh """$activatevirtualenv
+                    pip install --upgrade psycopg2
+                    """
+                withEnv(['TEST_DB=postgresql://kallithea:kallithea@jenkins_postgresql/kallithea_test']) {
+                    if (isUnix()) {
+                        sh script: """$activatevirtualenv
+                            py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_postgresql.xml --cov=kallithea
+                            """, returnStatus: true
+                    } else {
+                        bat script: """$activatevirtualenv
+                            py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_postgresql.xml --cov=kallithea
+                            """, returnStatus: true
+                    }
+                }
+                sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1POSTGRES./g" pytest_postgresql.xml'
+                archiveArtifacts 'pytest_postgresql.xml'
+                junit 'pytest_postgresql.xml'
+                writeFile(file: '.coverage.postgresql', text: readFile('.coverage'))
+                stash name: 'coverage.postgresql', includes: '.coverage.postgresql'
+            }
+        }
+    }
+}
+stage('Tests') {
+    parallel pytests
+    node {
+        unstash 'coverage.sqlite'
+        unstash 'coverage.de'
+        unstash 'coverage.mysql'
+        unstash 'coverage.postgresql'
+        if (isUnix()) {
+            sh script: """$activatevirtualenv
+                coverage combine .coverage.sqlite .coverage.de .coverage.mysql .coverage.postgresql
+                coverage xml
+                """, returnStatus: true
+        } else {
+            bat script: """$activatevirtualenv
+                coverage combine .coverage.sqlite .coverage.de .coverage.mysql .coverage.postgresql
+                coverage xml
+                """, returnStatus: true
+        }
+        try {
+            step([$class: 'CoberturaPublisher', autoUpdateHealth: false, autoUpdateStability: false, coberturaReportFile: 'coverage.xml', failNoReports: false, failUnhealthy: false, failUnstable: false, maxNumberOfBuilds: 0, onlyStable: false, zoomCoverageChart: false])
+        } catch (java.lang.IllegalArgumentException exc) {
+            echo "You need to install the pipeline compatible 'CoberturaPublisher Plug-in' to display the coverage report."
+            currentBuild.result = 'UNSTABLE'
+            echo "Caught: ${exc}"
+        }
+    }
+}

--- a/LICENSE.md	Wed Jun 06 21:37:21 2018 +0200
+++ b/LICENSE.md	Thu Jun 07 01:46:02 2018 +0200
@@ -22,20 +22,32 @@
 of Kallithea.
 
 
+Alembic
+-------
+
+Kallithea incorporates an [Alembic](http://alembic.zzzcomputing.com/en/latest/)
+"migration environment" in `kallithea/alembic`, portions of which is:
+
+Copyright © 2009-2016 by Michael Bayer.
+Alembic is a trademark of Michael Bayer.
+
+and licensed under the MIT-permissive license, which is
+[included in this distribution](MIT-Permissive-License.txt).
+
 
 Bootstrap
 ---------
 
-Kallithea incorporates parts of the Javascript system called
+Kallithea incorporates the web framework called
 [Bootstrap](http://getbootstrap.com/), which is:
 
-Copyright © 2012 Twitter, Inc.
+Copyright © 2011-2016 Twitter, Inc.
 
-and licensed under
-[the Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).
-
-A copy of the Apache License 2.0 is also included in this distribution in its
-entirety in the file Apache-License-2.0.txt
+and licensed under the MIT-permissive license, which is
+[included in this distribution](MIT-Permissive-License.txt),
+which can be found together with its Corresponding Source in
+https://github.com/twbs/bootstrap at tag v3.3.7 (mirrored at
+https://kallithea-scm.org/repos/mirror/bootstrap/ ).
 
 
 
@@ -62,29 +74,27 @@
 ------
 
 Kallithea incorporates the Javascript system called
-[jQuery](http://jquery.org/),
-[herein](kallithea/public/js/jquery-1.11.1.min.js), and the Corresponding
-Source can be found in https://github.com/jquery/jquery at tag 1.11.1
-(mirrored at https://kallithea-scm.org/repos/mirror/jquery/files/1.11.1/ ).
+[jQuery](http://jquery.org/), [herein](kallithea/public/js/jquery.min.js),
+which can be found together with its Corresponding Source in
+https://github.com/jquery/jquery at tag 1.12.3 (mirrored at
+https://kallithea-scm.org/repos/mirror/jquery/files/1.12.3/ ).
 
 It is Copyright 2013 jQuery Foundation and other contributors http://jquery.com/ and is under an
 [MIT-permissive license](MIT-Permissive-License.txt).
 
 
 
-Mousetrap
----------
-
-Kallithea incorporates parts of the Javascript system called
-[Mousetrap](http://craig.is/killing/mice/), which is:
+DataTables
+----------
 
-   Copyright 2013 Craig Campbell
+Kallithea incorporates the Javascript system called
+[DataTables](http://www.datatables.net/)
+which can be found together with their Corresponding Source in
+https://github.com/DataTables/DataTables at tag 1.10.13 (mirrored at
+https://kallithea-scm.org/repos/mirror/DataTables/files/1.10.13/ ).
 
-and licensed under
-[the Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).
-
-A [copy of the Apache License 2.0](Apache-License-2.0.txt) is also included
-in this distribution.
+It is Copyright 2008-2015 SpryMedia Ltd. and is under an
+[MIT-permissive license](MIT-Permissive-License.txt).
 
 
 
@@ -213,9 +223,9 @@
     git checkout hudson-yui2-2800
     ln -sf JumpToPageDropDown.js src/paginator/js/JumpToPageDropdown.js # work around inconsistent casing
     rm -f tmp.js
-    for m in yahoo event dom connection animation dragdrop element datasource autocomplete container event-delegate json datatable paginator; do
-      rm -f build/\$m/\$m.js
-      ( cd src/\$m && ant build deploybuild ) && sed -e 's,@VERSION@,2.9.0,g' -e 's,@BUILD@,2800,g' build/\$m/\$m.js >> tmp.js
+    for m in yahoo event dom animation datasource autocomplete event-delegate; do
+      rm -f build/$m/$m.js
+      ( cd src/$m && ant build deploybuild ) && sed -e 's,@VERSION@,2.9.0,g' -e 's,@BUILD@,2800,g' build/$m/$m.js >> tmp.js
     done
     java -jar ../builder/componentbuild/lib/yuicompressor/yuicompressor-2.4.4.jar tmp.js -o yui.2.9.js
 
@@ -225,8 +235,8 @@
 
 
 
-Flot
-----
+YUI Flot
+--------
 
 Kallithea incorporates some CSS from a system called
 [Flot](http://code.google.com/p/flot/), which is:
@@ -241,17 +251,35 @@
 
 
 
-Migrate
--------
+Flot
+----
+
+Kallithea incorporates some parts of a Javascript system called
+[Flot](http://www.flotcharts.org/), which is:
+
+Copyright (c) 2007-2014 IOLA and Ole Laursen
 
-Kallithea incorporates in kallithea/lib/dbmigrate/migrate parts of the Python
-system called [Migrate or sqlalchemy-migrate](https://github.com/stackforge/sqlalchemy-migrate),
-which is:
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
 
-Copyright (c) 2009 Evan Rosson, Jan Dittberner, Domen Kožar
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
 
-and licensed under the MIT-permissive license, which is
-[included in this distribution](MIT-Permissive-License.txt).
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
 
 
 Icon fonts
@@ -261,7 +289,7 @@
 [Font Awesome](http://fontawesome.io) and
 [GitHub Octicons](https://octicons.github.com) for icons. Font Awesome is:
 
-Copyright (c) 2012, Dave Gandy
+Copyright (c) 2016, Dave Gandy
 
 Octicons is:
 

--- a/MANIFEST.in	Wed Jun 06 21:37:21 2018 +0200
+++ b/MANIFEST.in	Thu Jun 07 01:46:02 2018 +0200
@@ -1,21 +1,30 @@
+include           .coveragerc
 include           Apache-License-2.0.txt
 include           CONTRIBUTORS
 include           COPYING
+include           Jenkinsfile
 include           LICENSE-MERGELY.html
 include           LICENSE.md
 include           MIT-Permissive-License.txt
 include           README.rst
+include           dev_requirements.txt
 include           development.ini
+include           pytest.ini
+include           requirements.txt
+include           tox.ini
+include           package.json
 recursive-include docs *
 recursive-include init.d *
+recursive-include kallithea/alembic *
 include           kallithea/bin/ldap_sync.conf
-include           kallithea/bin/template.ini.mako
-include           kallithea/config/deployment.ini_tmpl
+include           kallithea/lib/paster_commands/template.ini.mako
 recursive-include kallithea/i18n *
-recursive-include kallithea/lib/dbmigrate *.py_tmpl README migrate.cfg
 recursive-include kallithea/public *
+recursive-include node_modules/bootstrap *
 recursive-include kallithea/templates *
 recursive-include kallithea/tests/fixtures *
 recursive-include kallithea/tests/scripts *
-include           kallithea/tests/test.ini
+include           kallithea/tests/models/test_dump_html_mails.ref.html
+include           kallithea/tests/performance/test_vcs.py
 include           kallithea/tests/vcs/aconfig
+recursive-include scripts *

--- a/README.rst	Wed Jun 06 21:37:21 2018 +0200
+++ b/README.rst	Thu Jun 07 01:46:02 2018 +0200
@@ -162,76 +162,14 @@
           install it via the command: ``pip install sphinx`` .
 
 
-Converting from RhodeCode
--------------------------
-
-Currently, you have two options for working with an existing RhodeCode
-database:
-
-- keep the database unconverted (intended for testing and evaluation)
-- convert the database in a one-time step
-
-Maintaining interoperability
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Interoperability with RhodeCode 2.2.X installations is provided so you don't
-have to immediately commit to switching to Kallithea. This option will most
-likely go away once the two projects have diverged significantly.
-
-To run Kallithea on a RhodeCode database, run::
-
-   echo "BRAND = 'rhodecode'" > kallithea/brand.py
-
-This location will depend on where you installed Kallithea. If you installed
-via::
-
-   python2 setup.py install
-
-then you will find this location at
-``$VIRTUAL_ENV/lib/python2.7/site-packages/Kallithea-0.1-py2.7.egg/kallithea``.
-
-One-time conversion
-~~~~~~~~~~~~~~~~~~~
+Migrating from RhodeCode
+------------------------
 
-Alternatively, if you would like to convert the database for good, you can use
-a helper script provided by Kallithea. This script will operate directly on the
-database, using the database string you can find in your ``production.ini`` (or
-``development.ini``) file. For example, if using SQLite::
-
-   cd /path/to/kallithea
-   cp /path/to/rhodecode/rhodecode.db kallithea.db
-   pip install sqlalchemy-migrate
-   python2 kallithea/bin/rebranddb.py sqlite:///kallithea.db
-
-.. Note::
-
-   If you started out using the branding interoperability approach mentioned
-   above, watch out for stray brand.pyc after removing brand.py.
-
-Git hooks
-~~~~~~~~~
-
-After switching to Kallithea, it will be necessary to update the Git_ hooks in
-your repositories. If not, the Git_ hooks from RhodeCode will still be called,
-which will cause ``git push`` to fail every time.
-
-If you do not have any custom Git_ hooks deployed, perform the following steps
-(this may take some time depending on the number and size of repositories you
-have):
-
-1. Log-in as an administrator.
-
-2. Open page *Admin > Settings > Remap and Rescan*.
-
-3. Turn on the option **Install Git Hooks**.
-
-4. Turn on the option **Overwrite existing Git hooks**.
-
-5. Click on the button **Rescan Repositories**.
-
-If you do have custom hooks, you will need to merge those changes manually. In
-order to get sample hooks from Kallithea, the easiest way is to create a new Git_
-repository, and have a look at the hooks deployed there.
+Kallithea 0.3.2 and earlier supports migrating from an existing RhodeCode
+installation. To migrate, install Kallithea 0.3.2 and follow the
+instructions in the 0.3.2 README to perform a one-time conversion of the
+database from RhodeCode to Kallithea, before upgrading to this version
+of Kallithea.
 
 
 .. _virtualenv: http://pypi.python.org/pypi/virtualenv

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dev_requirements.txt	Thu Jun 07 01:46:02 2018 +0200
@@ -0,0 +1,10 @@
+babel >= 0.9.6, < 2.4
+waitress >= 0.8.8, < 1.0
+pytest ~= 3.0, >= 3.3.0
+pytest-runner
+pytest-sugar>=0.7.0
+pytest-benchmark
+pytest-localserver
+mock
+sphinx
+webtest < 3

--- a/development.ini	Wed Jun 06 21:37:21 2018 +0200
+++ b/development.ini	Thu Jun 07 01:46:02 2018 +0200
@@ -1,19 +1,12 @@
 ################################################################################
 ################################################################################
-# Kallithea - Development config:                                              #
-# listening on *:5000                                                          #
-# sqlite and kallithea.db                                                      #
-# initial_repo_scan = true                                                     #
-# set debug = true                                                             #
-# verbose and colorful logging                                                 #
+# Kallithea - config file generated with kallithea-config                      #
 #                                                                              #
 # The %(here)s variable will be replaced with the parent directory of this file#
 ################################################################################
 ################################################################################
 
 [DEFAULT]
-debug = true
-pdebug = false
 
 ################################################################################
 ## Email settings                                                             ##
@@ -39,43 +32,39 @@
 #email_prefix = [Kallithea]
 
 ## Recipients for error emails and fallback recipients of application mails.
-## Multiple addresses can be specified, space-separated.
+## Multiple addresses can be specified, comma-separated.
 ## Only addresses are allowed, do not add any name part.
 ## Default:
 #email_to =
 ## Examples:
 #email_to = admin@example.com
-#email_to = admin@example.com another_admin@example.com
+#email_to = admin@example.com,another_admin@example.com
+email_to =
 
 ## 'From' header for error emails. You can optionally add a name.
-## Default:
-#error_email_from = pylons@yourapp.com
+## Default: (none)
 ## Examples:
 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
-#error_email_from = paste_error@example.com
+#error_email_from = kallithea_errors@example.com
+error_email_from =
 
 ## SMTP server settings
-## Only smtp_server is mandatory. All other settings take the specified default
-## values.
-#smtp_server = smtp.example.com
+## If specifying credentials, make sure to use secure connections.
+## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
+## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
+## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
+smtp_server =
 #smtp_username =
 #smtp_password =
-#smtp_port = 25
-#smtp_use_tls = false
+smtp_port =
 #smtp_use_ssl = false
-## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).
-## If empty, use any of the authentication parameters supported by the server.
-#smtp_auth =
+#smtp_use_tls = false
 
+## Entry point for 'gearbox serve'
 [server:main]
-## PASTE ##
-#use = egg:Paste#http
-## nr of worker threads to spawn
-#threadpool_workers = 1
-## max request before thread respawn
-#threadpool_max_requests = 100
-## option to use threads of process
-#use_threadpool = true
+#host = 127.0.0.1
+host = 0.0.0.0
+port = 5000
 
 ## WAITRESS ##
 use = egg:waitress#main
@@ -87,85 +76,6 @@
 ## windows systems.
 #asyncore_use_poll = True
 
-## GUNICORN ##
-#use = egg:gunicorn#main
-## number of process workers. You must set `instance_id = *` when this option
-## is set to more than one worker
-#workers = 1
-## process name
-#proc_name = kallithea
-## type of worker class, one of sync, eventlet, gevent, tornado
-## recommended for bigger setup is using of of other than sync one
-#worker_class = sync
-#max_requests = 1000
-## ammount of time a worker can handle request before it gets killed and
-## restarted
-#timeout = 3600
-
-## UWSGI ##
-## run with uwsgi --ini-paste-logged <inifile.ini>
-#[uwsgi]
-#socket = /tmp/uwsgi.sock
-#master = true
-#http = 127.0.0.1:5000
-
-## set as deamon and redirect all output to file
-#daemonize = ./uwsgi_kallithea.log
-
-## master process PID
-#pidfile = ./uwsgi_kallithea.pid
-
-## stats server with workers statistics, use uwsgitop
-## for monitoring, `uwsgitop 127.0.0.1:1717`
-#stats = 127.0.0.1:1717
-#memory-report = true
-
-## log 5XX errors
-#log-5xx = true
-
-## Set the socket listen queue size.
-#listen = 256
-
-## Gracefully Reload workers after the specified amount of managed requests
-## (avoid memory leaks).
-#max-requests = 1000
-
-## enable large buffers
-#buffer-size = 65535
-
-## socket and http timeouts ##
-#http-timeout = 3600
-#socket-timeout = 3600
-
-## Log requests slower than the specified number of milliseconds.
-#log-slow = 10
-
-## Exit if no app can be loaded.
-#need-app = true
-
-## Set lazy mode (load apps in workers instead of master).
-#lazy = true
-
-## scaling ##
-## set cheaper algorithm to use, if not set default will be used
-#cheaper-algo = spare
-
-## minimum number of workers to keep at all times
-#cheaper = 1
-
-## number of workers to spawn at startup
-#cheaper-initial = 1
-
-## maximum number of workers that can be spawned
-#workers = 4
-
-## how many workers should be spawned at a time
-#cheaper-step = 1
-
-## COMMON ##
-host = 0.0.0.0
-port = 5000
-
 ## middleware for hosting the WSGI application under a URL prefix
 #[filter:proxy-prefix]
 #use = egg:PasteDeploy#prefix
@@ -178,29 +88,26 @@
 
 full_stack = true
 static_files = true
-## Available Languages:
-## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
-lang =
+
+## Internationalization (see setup documentation for details)
+## By default, the language requested by the browser is used if available.
+#i18n.enable = false
+## Fallback language, empty for English (valid values are the names of subdirectories in kallithea/i18n):
+i18n.lang =
+
 cache_dir = %(here)s/data
 index_dir = %(here)s/data/index
 
-## perform a full repository scan on each server start, this should be
-## set to false after first startup, to allow faster server restarts.
-#initial_repo_scan = false
-initial_repo_scan = true
-
 ## uncomment and set this path to use archive download cache
 archive_cache_dir = %(here)s/tarballcache
 
 ## change this to unique ID for security
+#app_instance_uuid = VERY-SECRET
 app_instance_uuid = development-not-secret
 
 ## cut off limit for large diffs (size in bytes)
 cut_off_limit = 256000
 
-## use cache version of scm repo everywhere
-vcs_full_cache = true
-
 ## force https in Kallithea, fixes https redirects, assumes it's always https
 force_https = false
 
@@ -226,6 +133,11 @@
 show_sha_length = 12
 show_revision_number = false
 
+## Canonical URL to use when creating full URLs in UI and texts.
+## Useful when the site is available under different names or protocols.
+## Defaults to what is provided in the WSGI environment.
+#canonical_url = https://kallithea.example.com/repos
+
 ## gist URL alias, used to create nicer urls for gist. This should be an
 ## url that does rewrites to _admin/gists/<gistid>.
 ## example: http://gist.example.com/{gistid}. Empty means use the internal
@@ -245,46 +157,50 @@
 #    FilesController:archivefile
 
 ## default encoding used to convert from and to unicode
-## can be also a comma seperated list of encoding in case of mixed encodings
+## can be also a comma separated list of encoding in case of mixed encodings
 default_encoding = utf8
 
 ## issue tracker for Kallithea (leave blank to disable, absent for default)
 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
 
-## issue tracking mapping for commits messages
-## comment out issue_pat, issue_server, issue_prefix to enable
+## issue tracking mapping for commit messages, comments, PR descriptions, ...
+## Refer to the documentation ("Integration with issue trackers") for more details.
 
-## pattern to get the issues from commit messages
-## default one used here is #<numbers> with a regex passive group for `#`
-## {id} will be all groups matched from this pattern
+## regular expression to match issue references
+## This pattern may/should contain parenthesized groups, that can
+## be referred to in issue_server_link or issue_sub using Python backreferences
+## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.
+## To require mandatory whitespace before the issue pattern, use:
+## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace
+## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.
 
-issue_pat = (?:\s*#)(\d+)
+issue_pat = #(\d+)
 
-## server url to the issue, each {id} will be replaced with match
-## fetched from the regex and {repo} is replaced with full repository name
-## including groups {repo_name} is replaced with just name of repo
-
-issue_server_link = https://issues.example.com/{repo}/issue/{id}
+## server url to the issue
+## This pattern may/should contain backreferences to parenthesized groups in issue_pat.
+## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group
+## called 'groupname' in issue_pat.
+## The special token {repo} is replaced with the full repository name
+## including repository groups, while {repo_name} is replaced with just
+## the name of the repository.
 
-## prefix to add to link to indicate it's an url
-## #314 will be replaced by <issue_prefix><id>
+issue_server_link = https://issues.example.com/{repo}/issue/\1
 
-issue_prefix = #
+## substitution pattern to use as the link text
+## If issue_sub is empty, the text matched by issue_pat is retained verbatim
+## for the link text. Otherwise, the link text is that of issue_sub, with any
+## backreferences to groups in issue_pat replaced.
 
-## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
+issue_sub =
+
+## issue_pat, issue_server_link and issue_sub can have suffixes to specify
 ## multiple patterns, to other issues server, wiki or others
 ## below an example how to create a wiki pattern
 # wiki-some-id -> https://wiki.example.com/some-id
 
-#issue_pat_wiki = (?:wiki-)(.+)
-#issue_server_link_wiki = https://wiki.example.com/{id}
-#issue_prefix_wiki = WIKI-
-
-## instance-id prefix
-## a prefix key for this instance used for cache invalidation when running
-## multiple instances of kallithea, make sure it's globally unique for
-## all running kallithea instances. Leave empty if you don't use it
-instance_id =
+#issue_pat_wiki = wiki-(\S+)
+#issue_server_link_wiki = https://wiki.example.com/\1
+#issue_sub_wiki = WIKI-\1
 
 ## alternative return HTTP header for failed authentication. Default HTTP
 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
@@ -301,19 +217,29 @@
 ## allows to setup custom hooks in settings page
 allow_custom_hooks_settings = True
 
+## extra extensions for indexing, space separated and without the leading '.'.
+# index.extensions =
+#    gemfile
+#    lock
+
+## extra filenames for indexing, space separated
+# index.filenames =
+#    .dockerignore
+#    .editorconfig
+#    INSTALL
+#    CHANGELOG
+
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 
 use_celery = false
-broker.host = localhost
-broker.vhost = rabbitmqhost
-broker.port = 5672
-broker.user = rabbitmq
-broker.password = qweqwe
+
+## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:
+broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost
 
 celery.imports = kallithea.lib.celerylib.tasks
-
+celery.accept.content = pickle
 celery.result.backend = amqp
 celery.result.dburi = amqp://
 celery.result.serialier = json
@@ -322,11 +248,9 @@
 #celery.amqp.task.result.expires = 18000
 
 celeryd.concurrency = 2
-#celeryd.log.file = celeryd.log
-celeryd.log.level = DEBUG
 celeryd.max.tasks.per.child = 1
 
-## tasks will never be sent to the queue, but executed locally instead.
+## If true, tasks will never be sent to the queue, but executed locally instead.
 celery.always.eager = false
 
 ####################################
@@ -363,6 +287,7 @@
 beaker.session.timeout = 2592000
 
 ## Server secret used with HMAC to ensure integrity of cookies.
+#beaker.session.secret = VERY-SECRET
 beaker.session.secret = development-not-secret
 ## Further, encrypt the data with AES.
 #beaker.session.encrypt_key = <key_for_encryption>
@@ -382,90 +307,13 @@
 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
 #beaker.session.table_name = db_session
 
-############################
-## ERROR HANDLING SYSTEMS ##
-############################
-
-####################
-### [appenlight] ###
-####################
-
-## AppEnlight is tailored to work with Kallithea, see
-## http://appenlight.com for details how to obtain an account
-## you must install python package `appenlight_client` to make it work
-
-## appenlight enabled
-appenlight = false
-
-appenlight.server_url = https://api.appenlight.com
-appenlight.api_key = YOUR_API_KEY
-
-## TWEAK AMOUNT OF INFO SENT HERE
-
-## enables 404 error logging (default False)
-appenlight.report_404 = false
-
-## time in seconds after request is considered being slow (default 1)
-appenlight.slow_request_time = 1
-
-## record slow requests in application
-## (needs to be enabled for slow datastore recording and time tracking)
-appenlight.slow_requests = true
-
-## enable hooking to application loggers
-#appenlight.logging = true
-
-## minimum log level for log capture
-#appenlight.logging.level = WARNING
-
-## send logs only from erroneous/slow requests
-## (saves API quota for intensive logging)
-appenlight.logging_on_error = false
-
-## list of additonal keywords that should be grabbed from environ object
-## can be string with comma separated list of words in lowercase
-## (by default client will always send following info:
-## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
-## start with HTTP* this list be extended with additional keywords here
-appenlight.environ_keys_whitelist =
-
-## list of keywords that should be blanked from request object
-## can be string with comma separated list of words in lowercase
-## (by default client will always blank keys that contain following words
-## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
-## this list be extended with additional keywords set here
-appenlight.request_keys_blacklist =
-
-## list of namespaces that should be ignores when gathering log entries
-## can be string with comma separated list of namespaces
-## (by default the client ignores own entries: appenlight_client.client)
-appenlight.log_namespace_blacklist =
-
-################
-### [sentry] ###
-################
-
-## sentry is a alternative open source error aggregator
-## you must install python packages `sentry` and `raven` to enable
-
-sentry.dsn = YOUR_DNS
-sentry.servers =
-sentry.name =
-sentry.key =
-sentry.public_key =
-sentry.secret_key =
-sentry.project =
-sentry.site =
-sentry.include_paths =
-sentry.exclude_paths =
-
 ################################################################################
-## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
+## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
-#set debug = false
-set debug = true
+#debug = false
+debug = true
 
 ##################################
 ###       LOGVIEW CONFIG       ###
@@ -480,26 +328,25 @@
 #########################################################
 
 # SQLITE [default]
-sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
-
-# POSTGRESQL
-#sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
-
-# MySQL
-#sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
+sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
 
 # see sqlalchemy docs for others
 
-sqlalchemy.db1.echo = false
-sqlalchemy.db1.pool_recycle = 3600
-sqlalchemy.db1.convert_unicode = true
+sqlalchemy.pool_recycle = 3600
+
+################################
+### ALEMBIC CONFIGURATION   ####
+################################
+
+[alembic]
+script_location = kallithea:alembic
 
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
 
 [loggers]
-keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
+keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash
 
 [handlers]
 keys = console, console_sql
@@ -516,6 +363,7 @@
 handlers = console
 
 [logger_routes]
+#level = WARN
 level = DEBUG
 handlers =
 qualname = routes.middleware
@@ -523,35 +371,65 @@
 propagate = 1
 
 [logger_beaker]
+#level = WARN
 level = DEBUG
 handlers =
 qualname = beaker.container
 propagate = 1
 
 [logger_templates]
+#level = WARN
 level = INFO
 handlers =
 qualname = pylons.templating
 propagate = 1
 
 [logger_kallithea]
+#level = WARN
 level = DEBUG
 handlers =
 qualname = kallithea
 propagate = 1
 
+[logger_tg]
+#level = WARN
+level = DEBUG
+handlers =
+qualname = tg
+propagate = 1
+
+[logger_gearbox]
+#level = WARN
+level = DEBUG
+handlers =
+qualname = gearbox
+propagate = 1
+
 [logger_sqlalchemy]
-level = INFO
+level = WARN
 handlers = console_sql
 qualname = sqlalchemy.engine
 propagate = 0
 
 [logger_whoosh_indexer]
+#level = WARN
 level = DEBUG
 handlers =
 qualname = whoosh_indexer
 propagate = 1
 
+[logger_werkzeug]
+level = WARN
+handlers =
+qualname = werkzeug
+propagate = 1
+
+[logger_backlash]
+level = WARN
+handlers =
+qualname = backlash
+propagate = 1
+
 ##############
 ## HANDLERS ##
 ##############
@@ -559,17 +437,13 @@
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
-#level = INFO
 #formatter = generic
-level = DEBUG
 formatter = color_formatter
 
 [handler_console_sql]
 class = StreamHandler
 args = (sys.stderr,)
-#level = WARN
 #formatter = generic
-level = DEBUG
 formatter = color_formatter_sql
 
 ################

--- a/docs/api/api.rst	Wed Jun 06 21:37:21 2018 +0200
+++ b/docs/api/api.rst	Thu Jun 07 01:46:02 2018 +0200
@@ -9,34 +9,16 @@
 ``<your_server>/_admin/api``.
 
 
-API access for web views
-++++++++++++++++++++++++
-
-API access can also be turned on for each web view in Kallithea that is
-decorated with the ``@LoginRequired`` decorator. Some views use
-``@LoginRequired(api_access=True)`` and are always available. By default only
-RSS/Atom feed views are enabled. Other views are
-only available if they have been whitelisted. Edit the
-``api_access_controllers_whitelist`` option in your .ini file and define views
-that should have API access enabled.
+API keys
+--------
 
-For example, to enable API access to patch/diff, raw file and archive::
-
-    api_access_controllers_whitelist =
-        ChangesetController:changeset_patch,
-        ChangesetController:changeset_raw,
-        FilesController:raw,
-        FilesController:archivefile
-
-After this change, a Kallithea view can be accessed without login by adding a
-GET parameter ``?api_key=<api_key>`` to the URL.
-
-Exposing raw diffs is a good way to integrate with
-third-party services like code review, or build farms that can download archives.
+Every Kallithea user automatically receives an API key, which they can
+view under "My Account". On this page, API keys can also be revoked, and
+additional API keys can be generated.
 
 
 API access
-++++++++++
+----------
 
 Clients must send JSON encoded JSON-RPC requests::
 
@@ -76,7 +58,7 @@
 
 
 API client
-++++++++++
+----------
 
 Kallithea comes with a ``kallithea-api`` command line tool, providing a convenient
 way to call the JSON-RPC API.
@@ -110,11 +92,11 @@
 
 
 API methods
-+++++++++++
+-----------
 
 
 pull
-----
+^^^^
 
 Pull the given repo from remote location. Can be used to automatically keep
 remote repos up to date.
@@ -136,7 +118,7 @@
     error :  null
 
 rescan_repos
-------------
+^^^^^^^^^^^^
 
 Rescan repositories. If ``remove_obsolete`` is set,
 Kallithea will delete repos that are in the database but not in the filesystem.
@@ -159,7 +141,7 @@
     error :  null
 
 invalidate_cache
-----------------
+^^^^^^^^^^^^^^^^
 
 Invalidate the cache for a repository.
 This command can only be executed using the api_key of a user with admin rights,
@@ -181,7 +163,7 @@
     error :  null
 
 lock
-----
+^^^^
 
 Set the locking state on the given repository by the given user.
 If the param ``userid`` is skipped, it is set to the ID of the user who is calling this method.
@@ -212,7 +194,7 @@
     error :  null
 
 get_ip
-------
+^^^^^^
 
 Return IP address as seen from Kallithea server, together with all
 defined IP addresses for given user.
@@ -244,12 +226,12 @@
     error :  null
 
 get_user
---------
+^^^^^^^^
 
 Get a user by username or userid. The result is empty if user can't be found.
 If userid param is skipped, it is set to id of user who is calling this method.
 Any userid can be specified when the command is executed using the api_key of a user with admin rights.
-Regular users can only speicy their own userid.
+Regular users can only specify their own userid.
 
 INPUT::
 
@@ -288,7 +270,7 @@
     error:  null
 
 get_users
----------
+^^^^^^^^^
 
 List all existing users.
 This command can only be executed using the api_key of a user with admin rights.
@@ -325,7 +307,7 @@
 .. _create-user:
 
 create_user
------------
+^^^^^^^^^^^
 
 Create new user.
 This command can only be executed using the api_key of a user with admin rights.
@@ -371,7 +353,7 @@
     kallithea-api create_user username:bent email:bent@example.com firstname:Bent lastname:Bentsen extern_type:ldap extern_name:uid=bent,dc=example,dc=com
 
 update_user
------------
+^^^^^^^^^^^
 
 Update the given user if such user exists.
 This command can only be executed using the api_key of a user with admin rights.
@@ -415,7 +397,7 @@
     error:  null
 
 delete_user
------------
+^^^^^^^^^^^
 
 Delete the given user if such a user exists.
 This command can only be executed using the api_key of a user with admin rights.
@@ -439,7 +421,7 @@
     error:  null
 
 get_user_group
---------------
+^^^^^^^^^^^^^^
 
 Get an existing user group.
 This command can only be executed using the api_key of a user with admin rights.
@@ -481,7 +463,7 @@
     error : null
 
 get_user_groups
----------------
+^^^^^^^^^^^^^^^
 
 List all existing user groups.
 This command can only be executed using the api_key of a user with admin rights.
@@ -507,7 +489,7 @@
     error : null
 
 create_user_group
------------------
+^^^^^^^^^^^^^^^^^
 
 Create a new user group.
 This command can only be executed using the api_key of a user with admin rights.
@@ -537,7 +519,7 @@
     error:  null
 
 add_user_to_user_group
-----------------------
+^^^^^^^^^^^^^^^^^^^^^^
 
 Adds a user to a user group. If the user already is in that group, success will be
 ``false``.
@@ -564,7 +546,7 @@
     error:  null
 
 remove_user_from_user_group
----------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 Remove a user from a user group. If the user isn't in the given group, success will
 be ``false``.
@@ -591,7 +573,7 @@
     error:  null
 
 get_repo
---------
+^^^^^^^^
 
 Get an existing repository by its name or repository_id. Members will contain
 either users_group or users associated to that repository.
@@ -604,7 +586,9 @@
     api_key : "<api_key>"
     method :  "get_repo"
     args:     {
-                "repoid" : "<reponame or repo_id>"
+                "repoid" : "<reponame or repo_id>",
+                "with_revision_names": "<bool> = Optional(False)",
+                "with_pullrequests": "<bool> = Optional(False)",
               }
 
 OUTPUT::
@@ -630,7 +614,7 @@
                                        "raw_id":   "<raw_id>",
                                        "revision": "<numeric_revision>",
                                        "short_id": "<short_id>"
-                                     }
+                                     },
                 "owner":             "<repo_owner>",
                 "fork_of":           "<name_of_fork_parent>",
                 "members" :     [
@@ -658,7 +642,7 @@
                                     "permission" : "repository.(read|write|admin)"
                                   },
                                   …
-                                ]
+                                ],
                  "followers":   [
                                   {
                                     "user_id" :     "<user_id>",
@@ -675,12 +659,74 @@
                                     "last_login":   "<last_login>",
                                   },
                                   …
-                 ]
+                                ],
+                 <if with_revision_names == True>
+                 "tags": {
+                            "<tagname>": "<raw_id>",
+                            ...
+                         },
+                 "branches": {
+                            "<branchname>": "<raw_id>",
+                            ...
+                         },
+                 "bookmarks": {
+                            "<bookmarkname>": "<raw_id>",
+                            ...
+                         },
+                <if with_pullrequests == True>
+                "pull_requests": [
+                  {
+                    "status": "<pull_request_status>",
+                    "pull_request_id": <pull_request_id>,
+                    "description": "<pull_request_description>",
+                    "title": "<pull_request_title>",
+                    "url": "<pull_request_url>",
+                    "reviewers": [
+                      {
+                        "username": "<user_id>",
+                      },
+                      ...
+                    ],
+                    "org_repo_url": "<repo_url>",
+                    "org_ref_parts": [
+                      "<ref_type>",
+                      "<ref_name>",
+                      "<raw_id>"
+                    ],
+                    "other_ref_parts": [
+                      "<ref_type>",
+                      "<ref_name>",
+                      "<raw_id>"
+                    ],
+                    "comments": [
+                      {
+                        "username": "<user_id>",
+                        "text": "<comment text>",
+                        "comment_id": "<comment_id>",
+                      },
+                      ...
+                    ],
+                    "owner": "<username>",
+                    "statuses": [
+                      {
+                        "status": "<status_of_review>",        # "under_review", "approved" or "rejected"
+                        "reviewer": "<user_id>",
+                        "modified_at": "<date_time_of_review>" # iso 8601 date, server's timezone
+                      },
+                      ...
+                    ],
+                    "revisions": [
+                      "<raw_id>",
+                      ...
+                    ]
+                  },
+                  ...
+                ]
             }
     error:  null
 
 get_repos
----------
+^^^^^^^^^
 
 List all existing repositories.
 This command can only be executed using the api_key of a user with admin rights,
@@ -717,7 +763,7 @@
     error:  null
 
 get_repo_nodes
---------------
+^^^^^^^^^^^^^^
 
 Return a list of files and directories for a given path at the given revision.
 It is possible to specify ret_type to show only ``files`` or ``dirs``.
@@ -748,7 +794,7 @@
     error:  null
 
 create_repo
------------
+^^^^^^^^^^^
 
 Create a repository. If the repository name contains "/", the repository will be
 created in the repository group indicated by that path. Any such repository
@@ -802,7 +848,7 @@
     error:  null
 
 update_repo
------------
+^^^^^^^^^^^
 
 Update a repository.
 This command can only be executed using the api_key of a user with admin rights,
@@ -862,7 +908,7 @@
     error:  null
 
 fork_repo
----------
+^^^^^^^^^
 
 Create a fork of the given repo. If using Celery, this will
 return success message immediately and a fork will be created
@@ -898,7 +944,7 @@
     error:  null
 
 delete_repo
------------
+^^^^^^^^^^^
 
 Delete a repository.
 This command can only be executed using the api_key of a user with admin rights,
@@ -925,7 +971,7 @@
     error:  null
 
 grant_user_permission
----------------------
+^^^^^^^^^^^^^^^^^^^^^
 
 Grant permission for a user on the given repository, or update the existing one if found.
 This command can only be executed using the api_key of a user with admin rights.
@@ -951,7 +997,7 @@
     error:  null
 
 revoke_user_permission
-----------------------
+^^^^^^^^^^^^^^^^^^^^^^
 
 Revoke permission for a user on the given repository.
 This command can only be executed using the api_key of a user with admin rights.
@@ -976,7 +1022,7 @@
     error:  null
 
 grant_user_group_permission
----------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 Grant permission for a user group on the given repository, or update the
 existing one if found.
@@ -1003,7 +1049,7 @@
     error:  null
 
 revoke_user_group_permission
-----------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 Revoke permission for a user group on the given repository.
 This command can only be executed using the api_key of a user with admin rights.
@@ -1026,3 +1072,235 @@
               "success": true
             }
     error:  null
+
+get_changesets
+^^^^^^^^^^^^^^
+
+Get changesets of a given repository. This command can only be executed using the api_key
+of a user with read permissions to the repository.
+
+INPUT::
+
+    id : <id_for_response>
+    api_key : "<api_key>"
+    method  : "get_changesets"
+    args:     {
+                "repoid" : "<reponame or repo_id>",
+                "start": "<revision number> = Optional(None)",
+                "end": "<revision number> = Optional(None)",
+                "start_date": "<date> = Optional(None)",    # in "%Y-%m-%dT%H:%M:%S" format
+                "end_date": "<date> = Optional(None)",      # in "%Y-%m-%dT%H:%M:%S" format
+                "branch_name": "<branch name filter> = Optional(None)",
+                "reverse": "<bool> = Optional(False)",
+                "with_file_list": "<bool> = Optional(False)"
+              }
+
+OUTPUT::
+
+    id : <id_given_in_input>
+    result: [
+    {
+      "raw_id": "<raw_id>",
+      "short_id": "short_id": "<short_id>",
+      "author": "<full_author>",
+      "date": "<date_time_of_commit>",
+      "message": "<commit_message>",
+      "revision": "<numeric_revision>",
+      <if with_file_list == True>
+      "added": [<list of added files>],
+      "changed": [<list of changed files>],
+      "removed": [<list of removed files>]
+    },
+    ...
+    ]
+    error:  null
+
+get_changeset
+^^^^^^^^^^^^^
+
+Get information and review status for a given changeset. This command can only
+be executed using the api_key of a user with read permissions to the
+repository.
+
+INPUT::
+
+    id : <id_for_response>
+    api_key : "<api_key>"
+    method  : "get_changeset"
+    args:     {
+                "repoid" : "<reponame or repo_id>",
+                "raw_id" : "<raw_id>",
+                "with_reviews": "<bool> = Optional(False)"
+              }
+
+OUTPUT::
+
+    id : <id_given_in_input>
+    result: {
+              "author":   "<full_author>",
+              "date":     "<date_time_of_commit>",
+              "message":  "<commit_message>",
+              "raw_id":   "<raw_id>",
+              "revision": "<numeric_revision>",
+              "short_id": "<short_id>",
+              "reviews": [{
+                    "reviewer":   "<username>",
+                    "modified_at": "<date_time_of_review>",  # iso 8601 date, server's timezone
+                    "status":   "<status_of_review>",        # "under_review", "approved" or "rejected"
+                 },
+                 ...
+              ]
+            }
+    error:  null
+
+Example output::
+
+    {
+      "id" : 1,
+      "error" : null,
+      "result" : {
+        "author" : {
+          "email" : "user@example.com",
+          "name" : "Kallithea Admin"
+        },
+        "changed" : [],
+        "short_id" : "e1022d3d28df",
+        "date" : "2017-03-28T09:09:03",
+        "added" : [
+          "README.rst"
+        ],
+        "removed" : [],
+        "revision" : 0,
+        "raw_id" : "e1022d3d28dfba02f626cde65dbe08f4ceb0e4e7",
+        "message" : "Added file via Kallithea",
+        "id" : "e1022d3d28dfba02f626cde65dbe08f4ceb0e4e7",
+        "reviews" : [
+          {
+            "status" : "under_review",
+            "modified_at" : "2017-03-28T09:17:08.618",
+            "reviewer" : "user"
+          }
+        ]
+      }
+    }
+
+get_pullrequest
+^^^^^^^^^^^^^^^
+
+Get information and review status for a given pull request. This command can only be executed
+using the api_key of a user with read permissions to the original repository.
+
+INPUT::
+
+    id : <id_for_response>
+    api_key : "<api_key>"
+    method  : "get_pullrequest"
+    args:     {
+                "pullrequest_id" : "<pullrequest_id>",
+              }
+
+OUTPUT::
+
+    id : <id_given_in_input>
+    result: {
+        "status": "<pull_request_status>",
+        "pull_request_id": <pull_request_id>,
+        "description": "<pull_request_description>",
+        "title": "<pull_request_title>",
+        "url": "<pull_request_url>",
+        "reviewers": [
+          {
+            "username": "<user_name>",
+          },
+          ...
+        ],
+        "org_repo_url": "<repo_url>",
+        "org_ref_parts": [
+          "<ref_type>",
+          "<ref_name>",
+          "<raw_id>"
+        ],
+        "other_ref_parts": [
+          "<ref_type>",
+          "<ref_name>",
+          "<raw_id>"
+        ],
+        "comments": [
+          {
+            "username": "<user_name>",
+            "text": "<comment text>",
+            "comment_id": "<comment_id>",
+          },
+          ...
+        ],
+        "owner": "<username>",
+        "statuses": [
+          {
+            "status": "<status_of_review>",        # "under_review", "approved" or "rejected"
+            "reviewer": "<user_name>",
+            "modified_at": "<date_time_of_review>" # iso 8601 date, server's timezone
+          },
+          ...
+        ],
+        "revisions": [
+          "<raw_id>",
+          ...
+        ]
+    },
+    error:  null
+
+comment_pullrequest
+^^^^^^^^^^^^^^^^^^^
+
+Add comment, change status or close a given pull request. This command can only be executed
+using the api_key of a user with read permissions to the original repository.
+
+INPUT::
+
+    id : <id_for_response>
+    api_key : "<api_key>"
+    method  : "comment_pullrequest"
+    args:     {
+                "pull_request_id":  "<pull_request_id>",
+                "comment_msg":      Optional(''),
+                "status":           Optional(None),     # "under_review", "approved" or "rejected"
+                "close_pr":         Optional(False)",
+              }
+
+OUTPUT::
+
+    id : <id_given_in_input>
+    result: True
+    error:  null
+
+
+API access for web views
+------------------------
+
+API access can also be turned on for each web view in Kallithea that is
+decorated with the ``@LoginRequired`` decorator. Some views use
+``@LoginRequired(api_access=True)`` and are always available. By default only
+RSS/Atom feed views are enabled. Other views are
+only available if they have been whitelisted. Edit the
+``api_access_controllers_whitelist`` option in your .ini file and define views
+that should have API access enabled.
+
+For example, to enable API access to patch/diff, raw file and archive::
+
+    api_access_controllers_whitelist =
+        ChangesetController:changeset_patch,
+        ChangesetController:changeset_raw,
+        FilesController:raw,
+        FilesController:archivefile
+
+After this change, a Kallithea view can be accessed without login using
+bearer authentication, by including this header with the request::
+
+    Authentication: Bearer <api_key>
+
+Alternatively, the API key can be passed in the URL query string using
+``?api_key=<api_key>``, though this is not recommended due to the increased
+risk of API key leaks, and support will likely be removed in the future.
+
+Exposing raw diffs is a good way to integrate with
+third-party services like code review, or build farms that can download archives.