Merge branch 'main' of https://github.com/go-gitea/gitea

* 'main' of https://github.com/go-gitea/gitea:
  Fix typos in docs/content (go-gitea#18215)
  [skip ci] Updated licenses and gitignores
  In the Organization member page, 2fa column is too narrow for Simplified Chinese and Chinese Traditional. (go-gitea#18213)
  Fix new team (go-gitea#18212)

Author: zjj

docs/content/doc/advanced/config-cheat-sheet.en-us.md

@@ -313,7 +313,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
 - `PORT_TO_REDIRECT`: **80**: Port for the http redirection service to listen on. Used when `REDIRECT_OTHER_PORT` is true.
 - `SSL_MIN_VERSION`: **TLSv1.2**: Set the minimum version of ssl support.
 - `SSL_MAX_VERSION`: **\<empty\>**: Set the maximum version of ssl support.
-- `SSL_CURVE_PREFERENCES`: **X25519,P256**: Set the prefered curves,
+- `SSL_CURVE_PREFERENCES`: **X25519,P256**: Set the preferred curves,
 - `SSL_CIPHER_SUITES`: **ecdhe_ecdsa_with_aes_256_gcm_sha384,ecdhe_rsa_with_aes_256_gcm_sha384,ecdhe_ecdsa_with_aes_128_gcm_sha256,ecdhe_rsa_with_aes_128_gcm_sha256,ecdhe_ecdsa_with_chacha20_poly1305,ecdhe_rsa_with_chacha20_poly1305**: Set the preferred cipher suites.
   - If there is not hardware support for AES suites by default the cha cha suites will be preferred over the AES suites
   - supported suites as of go 1.17 are:

docs/content/doc/developers/guidelines-backend.md

@@ -43,8 +43,8 @@ To maintain understandable code and avoid circular dependencies it is important
   - `modules/git`: Package to interactive with `Git` command line or Gogit package.
 - `public`: Compiled frontend files (javascript, images, css, etc.)
 - `routers`: Handling of server requests. As it uses other Gitea packages to serve the request, other packages (models, modules or services) shall not depend on routers.
-  - `routers/api` Conatins routers for `/api/v1` aims to handle RESTful API requests. 
-  - `routers/install` Could only reponse when system is INSTALL mode. 
+  - `routers/api` Contains routers for `/api/v1` aims to handle RESTful API requests. 
+  - `routers/install` Could only respond when system is in INSTALL mode (INSTALL_LOCK=false). 
   - `routers/private` will only be invoked by internal sub commands, especially `serv` and `hooks`. 
   - `routers/web` will handle HTTP requests from web browsers or Git SMART HTTP protocols.
 - `services`: Support functions for common routing operations or command executions. Uses `models` and `modules` to handle the requests.
@@ -103,7 +103,7 @@ i.e. `servcies/user`, `models/repository`.
 
 ### Import Alias
 
-Since there are many package levels and sub packages, so you will find `modules/user`, `models/user`, `services/user`. When these packages are import into one Go file, it's difficult to know which package we are using and if it's a variable name or an import name. So we recommand to always use import alias. To differ from package variables which are commonly use camelCase, just use **snake_case** as import package alias.
+Since there are some packages which use the same package name, it is possible that you find packages like `modules/user`, `models/user`, and `services/user`. When these packages are imported in one Go file, it's difficult to know which package we are using and if it's a variable name or an import name. So, we always recommend to use import aliases. To differ from package variables which are commonly in camelCase, just use **snake_case** for import aliases.
 i.e. `import user_service "code.gitea.io/gitea/services/user"`
 
 ### Future Tasks

docs/content/doc/installation/with-docker.en-us.md

@@ -337,7 +337,7 @@ In the next step a file named `/app/gitea/gitea` (with executable permissions) n
 ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
 ```
 
-Here you should also make sure that you've set the permisson of `/app/gitea/gitea` correctly:
+Here you should also make sure that you've set the permission of `/app/gitea/gitea` correctly:
 
 ```bash
 sudo chmod +x /app/gitea/gitea

docs/content/doc/upgrade/from-gogs.en-us.md

@@ -81,7 +81,7 @@ Upgrade to [`gitea 1.6.4`](https://dl.gitea.io/gitea/1.6.4/) first. Download the
 the destination platform from the [downloads page](https://dl.gitea.io/gitea/1.6.4/) and replace the binary.
 Run Gitea at least once and check that everything works as expected.
 
-Then repeat the procedure, but this time using the [lastest release](https://dl.gitea.io/gitea/{{< version >}}/).
+Then repeat the procedure, but this time using the [latest release](https://dl.gitea.io/gitea/{{< version >}}/).
 
 ## Upgrading from a more recent version of Gogs
 

docs/content/doc/usage/command-line.en-us.md

@@ -130,7 +130,7 @@ Admin operations:
         - `--custom-email-url`: Use a custom Email URL (option for GitHub).
         - `--icon-url`: Custom icon URL for OAuth2 login source.
         - `--override-local-2fa`: Allow source to override local 2FA. (Optional)
-        - `--scopes`: Addtional scopes to request for this OAuth2 source. (Optional)
+        - `--scopes`: Additional scopes to request for this OAuth2 source. (Optional)
         - `--required-claim-name`: Claim name that has to be set to allow users to login with this source. (Optional)
         - `--required-claim-value`: Claim value that has to be set to allow users to login with this source. (Optional)
         - `--group-claim-name`: Claim name providing group names for this source. (Optional)
@@ -153,7 +153,7 @@ Admin operations:
         - `--custom-email-url`: Use a custom Email URL (option for GitHub).
         - `--icon-url`: Custom icon URL for OAuth2 login source.
         - `--override-local-2fa`: Allow source to override local 2FA. (Optional)
-        - `--scopes`: Addtional scopes to request for this OAuth2 source.
+        - `--scopes`: Additional scopes to request for this OAuth2 source.
         - `--required-claim-name`: Claim name that has to be set to allow users to login with this source. (Optional)
         - `--required-claim-value`: Claim value that has to be set to allow users to login with this source. (Optional)
         - `--group-claim-name`: Claim name providing group names for this source. (Optional)

docs/content/doc/usage/reverse-proxies.en-us.md

@@ -312,7 +312,7 @@ backend gitea
     server localhost:3000 check
 ```
 
-If you redirect the http content to https, the configuration work the same way, just remember that the connexion between HAProxy and Gitea will be done via http so you do not have to enable https in Gitea's configuration.
+If you redirect the http content to https, the configuration work the same way, just remember that the connection between HAProxy and Gitea will be done via http so you do not have to enable https in Gitea's configuration.
 
 ## HAProxy with a sub-path
 

models/unit/unit.go

@@ -193,6 +193,14 @@ func (u Unit) IsLessThan(unit Unit) bool {
 	return u.Idx < unit.Idx
 }
 
+// MaxPerm returns the max perms of this unit
+func (u Unit) MaxPerm() perm.AccessMode {
+	if u.Type == TypeExternalTracker || u.Type == TypeExternalWiki {
+		return perm.AccessModeRead
+	}
+	return perm.AccessModeAdmin
+}
+
 // Enumerate all the units
 var (
 	UnitCode = Unit{

options/gitignore/Node

@@ -104,6 +104,9 @@ dist
 .temp
 .cache
 
+# Docusaurus cache and generated files
+.docusaurus
+
 # Serverless directories
 .serverless/
 

options/gitignore/Xcode

@@ -1,26 +1,6 @@
-# Xcode
-#
-# gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore
-
 ## User settings
 xcuserdata/
 
-## compatibility with Xcode 8 and earlier (ignoring not required starting Xcode 9)
+## Xcode 8 and earlier
 *.xcscmblueprint
 *.xccheckout
-
-## compatibility with Xcode 3 and earlier (ignoring not required starting Xcode 4)
-build/
-DerivedData/
-*.moved-aside
-*.pbxuser
-!default.pbxuser
-*.mode1v3
-!default.mode1v3
-*.mode2v3
-!default.mode2v3
-*.perspectivev3
-!default.perspectivev3
-
-## Gcc Patch
-/*.gcno

templates/org/member/members.tmpl

@@ -37,7 +37,7 @@
 							<strong>{{if index $.MembersIsUserOrgOwner .ID}}{{svg "octicon-shield-lock"}} {{$.i18n.Tr "org.members.owner"}}{{else}}{{$.i18n.Tr "org.members.member"}}{{end}}</strong>
 						</div>
 					</div>
-					<div class="ui one wide column center">
+					<div class="ui two wide column center">
 						<div class="meta">
 							{{$.i18n.Tr "admin.users.2fa"}}
 						</div>
@@ -51,7 +51,7 @@
 							</strong>
 						</div>
 					</div>
-					<div class="ui four wide column">
+					<div class="ui three wide column">
 						<div class="text right">
 							{{if eq $.SignedUser.ID .ID}}
 								<form>