WIP type pages

2021-02-05 12:10:29 +00:00
261 changed files with 12653 additions and 56537 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -3,4 +3,3 @@ data*
 uploads
 *.pyc
 __pycache__
 env
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,4 +0,0 @@
 # These are supported funding model platforms
 patreon: rubenwardy
 custom: [ "https://rubenwardy.com/donate/" ]
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -1,21 +0,0 @@
 name: Tests
 on: [push, pull_request]
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Copy config
      run: cp utils/ci/* .
    - name: Build the Docker image
      run: docker-compose build
    - name: Start Docker
      run: docker-compose up -d
    - name: Run migrations
      run: ./utils/run_migrations.sh
    - name: Run tests
      run: ./utils/tests_cov.sh
    - name: Stop Docker
      run: docker-compose down
--- a/.gitignore
+++ b/.gitignore
@ -11,7 +11,6 @@ app/public/thumbnails
 celerybeat-schedule
 /data
 .idea
 *.mo
 # Created by https://www.gitignore.io/api/linux,macos,python,windows
@ -106,6 +105,10 @@ coverage.xml
 *.cover
 .hypothesis/
 # Translations
 *.mo
 *.pot
 # Flask stuff:
 instance/
 .webassets-cache
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,22 @@
 image: docker/compose
 services:
  - docker:dind
 cache:
  key: "$CI_COMMIT_REF_SLUG"
  paths:
    - /var/lib/docker
 # build:
 #   stage: build
 #   script:
 #     - cp utils/gitlabci/* .
 #     - docker-compose build
 UI_Test:
  stage: test
  script:
    - cp utils/gitlabci/* .
    - docker-compose up -d
    - ./utils/run_migrations.sh
    - ./utils/tests_cov.sh
    - docker-compose down
--- a/4
+++ b/4
@ -1,4 +1,4 @@
-FROM python:3.10
+FROM python:3.6
 RUN groupadd -g 5123 cdb && \
    useradd -r -u 5123 -g cdb cdb
@ -16,9 +16,7 @@ COPY utils utils
 COPY config.cfg config.cfg
 COPY migrations migrations
 COPY app app
 COPY translations translations
 RUN pybabel compile -d translations
 RUN chown -R cdb:cdb /home/cdb
 USER cdb
--- a/README.md
+++ b/README.md
@ -1,12 +1,10 @@
 # Content Database
-![Build Status](https://github.com/minetest/contentdb/actions/workflows/test.yml/badge.svg)
+[![Build status](https://gitlab.com/minetest/contentdb/badges/master/pipeline.svg)](https://gitlab.com/minetest/contentdb/pipelines)
 Content database for Minetest mods, games, and more.\
 Developed by rubenwardy, license AGPLv3.0+.
-See [Getting Started](docs/getting_started.md) for setting up a development/prodiction environment.
+See [Getting Started](docs/getting_started.md).
 See [Developer Intro](docs/dev_intro.md) for an overview of the code organisation.
 ## How-tos
--- a/app/init.py
+++ b/app/init.py
@ -13,60 +13,54 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-import datetime
+
 from flask import *
 from flask_gravatar import Gravatar
 import flask_menu as menu
 from flask_mail import Mail
 from flask_github import GitHub
 from flask_wtf.csrf import CSRFProtect
 from flask_flatpages import FlatPages
-from flask_babel import Babel, gettext
+from flask_babel import Babel
 from flask_login import logout_user, current_user, LoginManager
 import os, redis
 from app.markdown import init_markdown, MARKDOWN_EXTENSIONS, MARKDOWN_EXTENSION_CONFIG
 app = Flask(__name__, static_folder="public/static")
 app.config["FLATPAGES_ROOT"] = "flatpages"
 app.config["FLATPAGES_EXTENSION"] = ".md"
-app.config["FLATPAGES_MARKDOWN_EXTENSIONS"] = MARKDOWN_EXTENSIONS
+app.config["FLATPAGES_MARKDOWN_EXTENSIONS"] = ["fenced_code", "tables", "codehilite", 'toc']
-app.config["FLATPAGES_EXTENSION_CONFIG"] = MARKDOWN_EXTENSION_CONFIG
+app.config["FLATPAGES_EXTENSION_CONFIG"] = {
-app.config["BABEL_TRANSLATION_DIRECTORIES"] = "../translations"
+	"fenced_code": {},
-app.config["LANGUAGES"] = {
+	"tables": {},
-	"en": "English",
+	"codehilite": {
-	"de": "Deutsch",
+		"linenums": "True"
-	"fr": "Français",
+	}
 	"id": "Bahasa Indonesia",
 	"ms": "Bahasa Melayu",
 	"ru": "русский язык",
 }
 app.config.from_pyfile(os.environ["FLASK_CONFIG"])
 r = redis.Redis.from_url(app.config["REDIS_URL"])
 menu.Menu(app=app)
 github = GitHub(app)
 csrf = CSRFProtect(app)
 mail = Mail(app)
 pages = FlatPages(app)
 babel = Babel(app)
 gravatar = Gravatar(app,
-		size=64,
+		size=58,
 		rating="g",
-		default="retro",
+		default="mp",
 		force_default=False,
 		force_lower=False,
 		use_ssl=True,
 		base_url=None)
 init_markdown(app)
 login_manager = LoginManager()
 login_manager.init_app(app)
 login_manager.login_view = "users.login"
-
+from .sass import sass
 from .sass import init_app as sass
 sass(app)
@ -75,8 +69,14 @@ if not app.debug and app.config["MAIL_UTILS_ERROR_SEND_TO"]:
 	app.logger.addHandler(build_handler(app))
-from . import models, template_filters
+from app.utils.markdown import init_app
 init_app(app)
 # @babel.localeselector
 # def get_locale():
 # 	return request.accept_languages.best_match(app.config["LANGUAGES"].keys())
 from . import models, template_filters
@login_manager.user_loader
 def load_user(user_id):
@ -90,6 +90,7 @@ create_blueprints(app)
 def send_upload(path):
 	return send_from_directory(app.config["UPLOAD_DIR"], path)
@menu.register_menu(app, ".help", "Help", order=19, endpoint_arguments_constructor=lambda: { "path": "help" })
@app.route("/<path:path>/")
 def flatpage(path):
 	page = pages.get_or_404(path)
@ -100,73 +101,16 @@ def flatpage(path):
 def check_for_ban():
 	if current_user.is_authenticated:
 		if current_user.rank == models.UserRank.BANNED:
-			flash(gettext("You have been banned."), "danger")
+			flash("You have been banned.", "danger")
 			logout_user()
 			return redirect(url_for("users.login"))
 		elif current_user.rank == models.UserRank.NOT_JOINED:
 			current_user.rank = models.UserRank.MEMBER
 			models.db.session.commit()
-from .utils import clearNotifications, is_safe_url
+from .utils import clearNotifications
@app.before_request
 def check_for_notifications():
 	if current_user.is_authenticated:
 		clearNotifications(request.path)
@app.errorhandler(404)
 def page_not_found(e):
 	return render_template("404.html"), 404
@babel.localeselector
 def get_locale():
 	if not request:
 		return None
 	locales = app.config["LANGUAGES"].keys()
 	if current_user.is_authenticated and current_user.locale in locales:
 		return current_user.locale
 	locale = request.cookies.get("locale")
 	if locale not in locales:
 		locale = request.accept_languages.best_match(locales)
 	if locale and current_user.is_authenticated:
 		new_session = models.db.create_session({})()
 		new_session.query(models.User) \
 			.filter(models.User.username == current_user.username) \
 			.update({ "locale": locale })
 		new_session.commit()
 		new_session.close()
 	return locale
@app.route("/set-locale/", methods=["POST"])
@csrf.exempt
 def set_locale():
 	locale = request.form.get("locale")
 	if locale not in app.config["LANGUAGES"].keys():
 		flash("Unknown locale {}".format(locale), "danger")
 		locale = None
 	next_url = request.form.get("r")
 	if next_url and is_safe_url(next_url):
 		resp = make_response(redirect(next_url))
 	else:
 		resp = make_response(redirect(url_for("homepage.home")))
 	if locale:
 		expire_date = datetime.datetime.now()
 		expire_date = expire_date + datetime.timedelta(days=5*365)
 		resp.set_cookie("locale", locale, expires=expire_date)
 		if current_user.is_authenticated:
 			current_user.locale = locale
 			models.db.session.commit()
 	return resp
--- a/app/blueprints/admin/actions.py
+++ b/app/blueprints/admin/actions.py
@ -1,338 +0,0 @@
 # ContentDB
 # Copyright (C) 2018-21 rubenwardy
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 import os
 import sys
 from typing import List
 import requests
 from celery import group
 from flask import redirect, url_for, flash, current_app, jsonify
 from sqlalchemy import or_, and_
 from app.logic.game_support import GameSupportResolver
 from app.models import PackageRelease, db, Package, PackageState, PackageScreenshot, MetaPackage, User, \
 	NotificationType, PackageUpdateConfig, License, UserRank, PackageType, PackageGameSupport
 from app.tasks.emails import send_pending_digests
 from app.tasks.forumtasks import importTopicList, checkAllForumAccounts
 from app.tasks.importtasks import importRepoScreenshot, checkZipRelease, check_for_updates
 from app.utils import addNotification, get_system_user
 from app.utils.image import get_image_size
 actions = {}
 def action(title: str):
 	def func(f):
 		name = f.__name__
 		actions[name] = {
 			"title": title,
 			"func": f,
 		}
 		return f
 	return func
@action("Delete stuck releases")
 def del_stuck_releases():
 	PackageRelease.query.filter(PackageRelease.task_id.isnot(None)).delete()
 	db.session.commit()
 	return redirect(url_for("admin.admin_page"))
@action("Check ZIP releases")
 def check_releases():
 	releases = PackageRelease.query.filter(PackageRelease.url.like("/uploads/%")).all()
 	tasks = []
 	for release in releases:
 		tasks.append(checkZipRelease.s(release.id, release.file_path))
 	result = group(tasks).apply_async()
 	while not result.ready():
 		import time
 		time.sleep(0.1)
 	return redirect(url_for("todo.view_editor"))
@action("Check the first release of all packages")
 def reimport_packages():
 	tasks = []
 	for package in Package.query.filter(Package.state != PackageState.DELETED).all():
 		release = package.releases.first()
 		if release:
 			tasks.append(checkZipRelease.s(release.id, release.file_path))
 	result = group(tasks).apply_async()
 	while not result.ready():
 		import time
 		time.sleep(0.1)
 	return redirect(url_for("todo.view_editor"))
@action("Import forum topic list")
 def import_topic_list():
 	task = importTopicList.delay()
 	return redirect(url_for("tasks.check", id=task.id, r=url_for("todo.topics")))
@action("Check all forum accounts")
 def check_all_forum_accounts():
 	task = checkAllForumAccounts.delay()
 	return redirect(url_for("tasks.check", id=task.id, r=url_for("admin.admin_page")))
@action("Import screenshots")
 def import_screenshots():
 	packages = Package.query \
 		.filter(Package.state != PackageState.DELETED) \
 		.outerjoin(PackageScreenshot, Package.id == PackageScreenshot.package_id) \
 		.filter(PackageScreenshot.id.is_(None)) \
 		.all()
 	for package in packages:
 		importRepoScreenshot.delay(package.id)
 	return redirect(url_for("admin.admin_page"))
@action("Remove unused uploads")
 def clean_uploads():
 	upload_dir = current_app.config['UPLOAD_DIR']
 	(_, _, filenames) = next(os.walk(upload_dir))
 	existing_uploads = set(filenames)
 	if len(existing_uploads) != 0:
 		def get_filenames_from_column(column):
 			results = db.session.query(column).filter(column.isnot(None), column != "").all()
 			return set([os.path.basename(x[0]) for x in results])
 		release_urls = get_filenames_from_column(PackageRelease.url)
 		screenshot_urls = get_filenames_from_column(PackageScreenshot.url)
 		db_urls = release_urls.union(screenshot_urls)
 		unreachable = existing_uploads.difference(db_urls)
 		import sys
 		print("On Disk: ", existing_uploads, file=sys.stderr)
 		print("In DB: ", db_urls, file=sys.stderr)
 		print("Unreachable: ", unreachable, file=sys.stderr)
 		for filename in unreachable:
 			os.remove(os.path.join(upload_dir, filename))
 		flash("Deleted " + str(len(unreachable)) + " unreachable uploads", "success")
 	else:
 		flash("No downloads to create", "danger")
 	return redirect(url_for("admin.admin_page"))
@action("Delete unused metapackages")
 def del_meta_packages():
 	query = MetaPackage.query.filter(~MetaPackage.dependencies.any(), ~MetaPackage.packages.any())
 	count = query.count()
 	query.delete(synchronize_session=False)
 	db.session.commit()
 	flash("Deleted " + str(count) + " unused meta packages", "success")
 	return redirect(url_for("admin.admin_page"))
@action("Delete removed packages")
 def del_removed_packages():
 	query = Package.query.filter_by(state=PackageState.DELETED)
 	count = query.count()
 	for pkg in query.all():
 		pkg.review_thread = None
 		db.session.delete(pkg)
 	db.session.commit()
 	flash("Deleted {} soft deleted packages packages".format(count), "success")
 	return redirect(url_for("admin.admin_page"))
@action("Run update configs")
 def run_update_config():
 	check_for_updates.delay()
 	flash("Started update configs", "success")
 	return redirect(url_for("admin.admin_page"))
 def _package_list(packages: List[str]):
 	# Who needs translations?
 	if len(packages) >= 3:
 		packages[len(packages) - 1] = "and " + packages[len(packages) - 1]
 		packages_list = ", ".join(packages)
 	else:
 		packages_list = " and ".join(packages)
 	return packages_list
@action("Send WIP package notification")
 def remind_wip():
 	users = User.query.filter(User.packages.any(or_(Package.state == PackageState.WIP, Package.state == PackageState.CHANGES_NEEDED)))
 	system_user = get_system_user()
 	for user in users:
 		packages = db.session.query(Package.title).filter(
 				Package.author_id == user.id,
 				or_(Package.state == PackageState.WIP, Package.state==PackageState.CHANGES_NEEDED)) \
 			.all()
 		packages = [pkg[0] for pkg in packages]
 		packages_list = _package_list(packages)
 		havent = "haven't" if len(packages) > 1 else "hasn't"
 		if len(packages_list) + 54 > 100:
 			packages_list = packages_list[0:(100-54-1)] + "…"
 		addNotification(user, system_user, NotificationType.PACKAGE_APPROVAL,
 			f"Did you forget? {packages_list} {havent} been submitted for review yet",
 				url_for('todo.view_user', username=user.username))
 	db.session.commit()
@action("Send outdated package notification")
 def remind_outdated():
 	users = User.query.filter(User.maintained_packages.any(
 			Package.update_config.has(PackageUpdateConfig.outdated_at.isnot(None))))
 	system_user = get_system_user()
 	for user in users:
 		packages = db.session.query(Package.title).filter(
 				Package.maintainers.any(User.id==user.id),
 				Package.update_config.has(PackageUpdateConfig.outdated_at.isnot(None))) \
 			.all()
 		packages = [pkg[0] for pkg in packages]
 		packages_list = _package_list(packages)
 		addNotification(user, system_user, NotificationType.PACKAGE_APPROVAL,
 				f"The following packages may be outdated: {packages_list}",
 				url_for('todo.view_user', username=user.username))
 	db.session.commit()
@action("Import licenses from SPDX")
 def import_licenses():
 	renames = {
 		"GPLv2": "GPL-2.0-only",
 		"GPLv3": "GPL-3.0-only",
 		"AGPLv2": "AGPL-2.0-only",
 		"AGPLv3": "AGPL-3.0-only",
 		"LGPLv2.1": "LGPL-2.1-only",
 		"LGPLv3": "LGPL-3.0-only",
 		"Apache 2.0": "Apache-2.0",
 		"BSD 2-Clause / FreeBSD": "BSD-2-Clause-FreeBSD",
 		"BSD 3-Clause": "BSD-3-Clause",
 		"CC0": "CC0-1.0",
 		"CC BY 3.0": "CC-BY-3.0",
 		"CC BY 4.0": "CC-BY-4.0",
 		"CC BY-NC-SA 3.0": "CC-BY-NC-SA-3.0",
 		"CC BY-SA 3.0": "CC-BY-SA-3.0",
 		"CC BY-SA 4.0": "CC-BY-SA-4.0",
 		"NPOSLv3": "NPOSL-3.0",
 		"MPL 2.0": "MPL-2.0",
 		"EUPLv1.2": "EUPL-1.2",
 		"SIL Open Font License v1.1": "OFL-1.1",
 	}
 	for old_name, new_name in renames.items():
 		License.query.filter_by(name=old_name).update({ "name": new_name })
 	r = requests.get(
 			"https://raw.githubusercontent.com/spdx/license-list-data/master/json/licenses.json")
 	licenses = r.json()["licenses"]
 	existing_licenses = {}
 	for license in License.query.all():
 		assert license.name not in renames.keys()
 		existing_licenses[license.name.lower()] = license
 	for license in licenses:
 		obj = existing_licenses.get(license["licenseId"].lower())
 		if obj:
 			obj.url = license["reference"]
 		elif license.get("isOsiApproved") and license.get("isFsfLibre") and \
 				not license["isDeprecatedLicenseId"]:
 			obj = License(license["licenseId"], True, license["reference"])
 			db.session.add(obj)
 	db.session.commit()
@action("Delete inactive users")
 def delete_inactive_users():
 	users = User.query.filter(User.is_active == False, User.packages.is_(None), User.forum_topics.is_(None),
 			User.rank == UserRank.NOT_JOINED).all()
 	for user in users:
 		db.session.delete(user)
 	db.session.commit()
@action("Send Video URL notification")
 def remind_video_url():
 	users = User.query.filter(User.maintained_packages.any(
 			and_(Package.video_url.is_(None), Package.type==PackageType.GAME, Package.state==PackageState.APPROVED)))
 	system_user = get_system_user()
 	for user in users:
 		packages = db.session.query(Package.title).filter(
 				or_(Package.author==user, Package.maintainers.any(User.id==user.id)),
 				Package.video_url.is_(None),
 				Package.type == PackageType.GAME,
 				Package.state == PackageState.APPROVED) \
 			.all()
 		packages = [pkg[0] for pkg in packages]
 		packages_list = _package_list(packages)
 		addNotification(user, system_user, NotificationType.PACKAGE_APPROVAL,
 				f"You should add a video to {packages_list}",
 				url_for('users.profile', username=user.username))
 	db.session.commit()
@action("Update screenshot sizes")
 def update_screenshot_sizes():
 	import sys
 	for screenshot in PackageScreenshot.query.all():
 		width, height = get_image_size(screenshot.file_path)
 		print(f"{screenshot.url}: {width}, {height}", file=sys.stderr)
 		screenshot.width = width
 		screenshot.height = height
 	db.session.commit()
@action("Detect game support")
 def detect_game_support():
 	resolver = GameSupportResolver()
 	resolver.update_all()
 	db.session.commit()
@action("Send pending notif digests")
 def do_send_pending_digests():
 	send_pending_digests.delay()
--- a/app/blueprints/admin/admin.py
+++ b/app/blueprints/admin/admin.py
@ -14,15 +14,21 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import redirect, render_template, url_for, request, flash
+
 import os
 from celery import group
 from flask import *
 from flask_login import current_user, login_user
 from flask_wtf import FlaskForm
-from wtforms import StringField, SubmitField
+from wtforms import *
 from wtforms.validators import InputRequired, Length
-from app.utils import rank_required, addAuditLog, addNotification, get_system_user
+
 from app.models import *
 from app.tasks.forumtasks import importTopicList, checkAllForumAccounts
 from app.tasks.importtasks import importRepoScreenshot, checkZipRelease, check_for_updates
 from app.utils import rank_required, addAuditLog, addNotification
 from . import bp
 from .actions import actions
 from ...models import UserRank, Package, db, PackageState, User, AuditSeverity, NotificationType
@bp.route("/admin/", methods=["GET", "POST"])
@ -31,7 +37,63 @@ def admin_page():
 	if request.method == "POST":
 		action = request.form["action"]
-		if action == "restore":
+		if action == "delstuckreleases":
 			PackageRelease.query.filter(PackageRelease.task_id != None).delete()
 			db.session.commit()
 			return redirect(url_for("admin.admin_page"))
 		elif action == "checkreleases":
 			releases = PackageRelease.query.filter(PackageRelease.url.like("/uploads/%")).all()
 			tasks = []
 			for release in releases:
 				zippath = release.url.replace("/uploads/", app.config["UPLOAD_DIR"])
 				tasks.append(checkZipRelease.s(release.id, zippath))
 			result = group(tasks).apply_async()
 			while not result.ready():
 				import time
 				time.sleep(0.1)
 			return redirect(url_for("todo.view_editor"))
 		elif action == "reimportpackages":
 			tasks = []
 			for package in Package.query.filter(Package.state!=PackageState.DELETED).all():
 				release = package.releases.first()
 				if release:
 					zippath = release.url.replace("/uploads/", app.config["UPLOAD_DIR"])
 					tasks.append(checkZipRelease.s(release.id, zippath))
 			result = group(tasks).apply_async()
 			while not result.ready():
 				import time
 				time.sleep(0.1)
 			return redirect(url_for("todo.view_editor"))
 		elif action == "importmodlist":
 			task = importTopicList.delay()
 			return redirect(url_for("tasks.check", id=task.id, r=url_for("todo.topics")))
 		elif action == "checkusers":
 			task = checkAllForumAccounts.delay()
 			return redirect(url_for("tasks.check", id=task.id, r=url_for("admin.admin_page")))
 		elif action == "importscreenshots":
 			packages = Package.query \
 				.filter(Package.state!=PackageState.DELETED) \
 				.outerjoin(PackageScreenshot, Package.id==PackageScreenshot.package_id) \
 				.filter(PackageScreenshot.id==None) \
 				.all()
 			for package in packages:
 				importRepoScreenshot.delay(package.id)
 			return redirect(url_for("admin.admin_page"))
 		elif action == "restore":
 			package = Package.query.get(request.form["package"])
 			if package is None:
 				flash("Unknown package", "danger")
@ -40,17 +102,93 @@ def admin_page():
 				db.session.commit()
 				return redirect(url_for("admin.admin_page"))
-		elif action in actions:
+		elif action == "recalcscores":
-			ret = actions[action]["func"]()
+			for p in Package.query.all():
-			if ret:
+				p.recalcScore()
-				return ret
+
 			db.session.commit()
 			return redirect(url_for("admin.admin_page"))
 		elif action == "cleanuploads":
 			upload_dir = app.config['UPLOAD_DIR']
 			(_, _, filenames) = next(os.walk(upload_dir))
 			existing_uploads = set(filenames)
 			if len(existing_uploads) != 0:
 				def getURLsFromDB(column):
 					results = db.session.query(column).filter(column != None, column != "").all()
 					return set([os.path.basename(x[0]) for x in results])
 				release_urls = getURLsFromDB(PackageRelease.url)
 				screenshot_urls = getURLsFromDB(PackageScreenshot.url)
 				db_urls = release_urls.union(screenshot_urls)
 				unreachable = existing_uploads.difference(db_urls)
 				import sys
 				print("On Disk: ", existing_uploads, file=sys.stderr)
 				print("In DB: ", db_urls, file=sys.stderr)
 				print("Unreachable: ", unreachable, file=sys.stderr)
 				for filename in unreachable:
 					os.remove(os.path.join(upload_dir, filename))
 				flash("Deleted " + str(len(unreachable)) + " unreachable uploads", "success")
 			else:
 				flash("No downloads to create", "danger")
 			return redirect(url_for("admin.admin_page"))
 		elif action == "delmetapackages":
 			query = MetaPackage.query.filter(~MetaPackage.dependencies.any(), ~MetaPackage.packages.any())
 			count = query.count()
 			query.delete(synchronize_session=False)
 			db.session.commit()
 			flash("Deleted " + str(count) + " unused meta packages", "success")
 			return redirect(url_for("admin.admin_page"))
 		elif action == "delremovedpackages":
 			query = Package.query.filter_by(state=PackageState.DELETED)
 			count = query.count()
 			for pkg in query.all():
 				pkg.review_thread = None
 				db.session.delete(pkg)
 			db.session.commit()
 			flash("Deleted {} soft deleted packages packages".format(count), "success")
 			return redirect(url_for("admin.admin_page"))
 		elif action == "addupdateconfig":
 			added = 0
 			for pkg in Package.query.filter(Package.repo != None, Package.releases.any(), Package.update_config == None).all():
 				pkg.update_config = PackageUpdateConfig()
 				pkg.update_config.auto_created = True
 				release: PackageRelease = pkg.releases.first()
 				if release and release.commit_hash:
 					pkg.update_config.last_commit = release.commit_hash
 				db.session.add(pkg.update_config)
 				added += 1
 			db.session.commit()
 			flash("Added {} update configs".format(added), "success")
 			return redirect(url_for("admin.admin_page"))
 		elif action == "runupdateconfig":
 			check_for_updates.delay()
 			flash("Started update configs", "success")
 			return redirect(url_for("admin.admin_page"))
 		else:
 			flash("Unknown action: " + action, "danger")
-	deleted_packages = Package.query.filter(Package.state == PackageState.DELETED).all()
+	deleted_packages = Package.query.filter(Package.state==PackageState.DELETED).all()
-	return render_template("admin/list.html", deleted_packages=deleted_packages, actions=actions)
+	return render_template("admin/list.html", deleted_packages=deleted_packages)
 class SwitchUserForm(FlaskForm):
 	username = StringField("Username")
@ -70,13 +208,14 @@ def switch_user():
 		else:
 			flash("Unable to login as user", "danger")
 	# Process GET or invalid POST
 	return render_template("admin/switch_user.html", form=form)
 class SendNotificationForm(FlaskForm):
-	title = StringField("Title", [InputRequired(), Length(1, 300)])
+	title  = StringField("Title", [InputRequired(), Length(1, 300)])
-	url = StringField("URL", [InputRequired(), Length(1, 100)], default="/")
+	url    = StringField("URL", [InputRequired(), Length(1, 100)], default="/")
 	submit = SubmitField("Send")
@ -86,45 +225,12 @@ def send_bulk_notification():
 	form = SendNotificationForm(request.form)
 	if form.validate_on_submit():
 		addAuditLog(AuditSeverity.MODERATION, current_user,
-				"Sent bulk notification", url_for("admin.admin_page"), None, form.title.data)
+				"Sent bulk notification", None, None, form.title.data)
 		users = User.query.filter(User.rank >= UserRank.NEW_MEMBER).all()
-		addNotification(users, get_system_user(), NotificationType.OTHER, form.title.data, form.url.data, None)
+		addNotification(users, current_user, NotificationType.OTHER, form.title.data, form.url.data, None)
 		db.session.commit()
 		return redirect(url_for("admin.admin_page"))
 	return render_template("admin/send_bulk_notification.html", form=form)
@bp.route("/admin/restore/", methods=["GET", "POST"])
@rank_required(UserRank.EDITOR)
 def restore():
 	if request.method == "POST":
 		target = request.form["submit"]
 		if "Review" in target:
 			target = PackageState.READY_FOR_REVIEW
 		elif "Changes" in target:
 			target = PackageState.CHANGES_NEEDED
 		else:
 			target = PackageState.WIP
 		package = Package.query.get(request.form["package"])
 		if package is None:
 			flash("Unknown package", "danger")
 		else:
 			package.state = target
 			addAuditLog(AuditSeverity.EDITOR, current_user, f"Restored package to state {target.value}",
 					package.getURL("packages.view"), package)
 			db.session.commit()
 			return redirect(package.getURL("packages.view"))
 	deleted_packages = Package.query \
 		.filter(Package.state == PackageState.DELETED) \
 		.join(Package.author) \
 		.order_by(db.asc(User.username), db.asc(Package.name)) \
 		.all()
 	return render_template("admin/restore.html", deleted_packages=deleted_packages)
--- a/app/blueprints/admin/audit.py
+++ b/app/blueprints/admin/audit.py
@ -39,8 +39,8 @@ def audit():
 	return render_template("admin/audit.html", log=pagination.items, pagination=pagination)
-@bp.route("/admin/audit/<int:id_>/")
+@bp.route("/admin/audit/<int:id>/")
@rank_required(UserRank.MODERATOR)
-def audit_view(id_):
+def audit_view(id):
-	entry = AuditLogEntry.query.get(id_)
+	entry = AuditLogEntry.query.get(id)
 	return render_template("admin/audit_view.html", entry=entry)
--- a/app/blueprints/admin/email.py
+++ b/app/blueprints/admin/email.py
@ -14,17 +14,18 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import request, abort, url_for, redirect, render_template, flash
+
 from flask import *
 from flask_login import current_user
 from flask_wtf import FlaskForm
-from wtforms import TextAreaField, SubmitField, StringField
+from wtforms import *
-from wtforms.validators import InputRequired, Length
+from wtforms.validators import *
-from app.markdown import render_markdown
+from app.utils.markdown import render_markdown
 from app.models import *
 from app.tasks.emails import send_user_email
 from app.utils import rank_required, addAuditLog
 from . import bp
 from ...models import UserRank, User, AuditSeverity
 class SendEmailForm(FlaskForm):
@ -54,7 +55,7 @@ def send_single_email():
 		text = form.text.data
 		html = render_markdown(text)
-		task = send_user_email.delay(user.email, user.locale or "en",form.subject.data, text, html)
+		task = send_user_email.delay(user.email, form.subject.data, text, html)
 		return redirect(url_for("tasks.check", id=task.id, r=next_url))
 	return render_template("admin/send_email.html", form=form, user=user)
@ -66,12 +67,12 @@ def send_bulk_email():
 	form = SendEmailForm(request.form)
 	if form.validate_on_submit():
 		addAuditLog(AuditSeverity.MODERATION, current_user,
-				"Sent bulk email", url_for("admin.admin_page"), None, form.text.data)
+				"Sent bulk email", None, None, form.text.data)
 		text = form.text.data
 		html = render_markdown(text)
-		for user in User.query.filter(User.email.isnot(None)).all():
+		for user in User.query.filter(User.email != None).all():
-			send_user_email.delay(user.email, user.locale or "en", form.subject.data, text, html)
+			send_user_email.delay(user.email, form.subject.data, text, html)
 		return redirect(url_for("admin.admin_page"))
--- a/app/blueprints/admin/licenseseditor.py
+++ b/app/blueprints/admin/licenseseditor.py
@ -15,14 +15,14 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import redirect, render_template, abort, url_for, request, flash
+from flask import *
 from flask_wtf import FlaskForm
-from wtforms import StringField, BooleanField, SubmitField, URLField
+from wtforms import *
-from wtforms.validators import InputRequired, Length, Optional
+from wtforms.validators import *
-from app.utils import rank_required, nonEmptyOrNone
+from app.models import *
 from app.utils import rank_required
 from . import bp
 from ...models import UserRank, License, db
@bp.route("/licenses/")
@ -30,13 +30,10 @@ from ...models import UserRank, License, db
 def license_list():
 	return render_template("admin/licenses/list.html", licenses=License.query.order_by(db.asc(License.name)).all())
 class LicenseForm(FlaskForm):
-	name = StringField("Name", [InputRequired(), Length(3, 100)])
+	name	 = StringField("Name", [InputRequired(), Length(3,100)])
-	is_foss = BooleanField("Is FOSS")
+	is_foss  = BooleanField("Is FOSS")
-	url = URLField("URL", [Optional], filters=[nonEmptyOrNone])
+	submit   = SubmitField("Save")
 	submit = SubmitField("Save")
@bp.route("/licenses/new/", methods=["GET", "POST"])
@bp.route("/licenses/<name>/edit/", methods=["GET", "POST"])
--- a/app/blueprints/admin/tagseditor.py
+++ b/app/blueprints/admin/tagseditor.py
@ -15,14 +15,14 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import redirect, render_template, abort, url_for, request
+from flask import *
 from flask_login import current_user, login_required
 from flask_wtf import FlaskForm
-from wtforms import StringField, TextAreaField, BooleanField, SubmitField
+from wtforms import *
-from wtforms.validators import InputRequired, Length, Optional, Regexp
+from wtforms.validators import *
 from app.models import *
 from . import bp
 from ...models import Permission, Tag, db
@bp.route("/tags/")
@ -40,14 +40,11 @@ def tag_list():
 	return render_template("admin/tags/list.html", tags=query.all())
 class TagForm(FlaskForm):
-	title = StringField("Title", [InputRequired(), Length(3, 100)])
+	title	    = StringField("Title", [InputRequired(), Length(3,100)])
 	description = TextAreaField("Description", [Optional(), Length(0, 500)])
-	name = StringField("Name", [Optional(), Length(1, 20), Regexp("^[a-z0-9_]", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
+	name        = StringField("Name", [Optional(), Length(1, 20), Regexp("^[a-z0-9_]", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
-	is_protected = BooleanField("Is Protected")
+	submit      = SubmitField("Save")
 	submit = SubmitField("Save")
@bp.route("/tags/new/", methods=["GET", "POST"])
@bp.route("/tags/<name>/edit/", methods=["GET", "POST"])
@ -62,16 +59,14 @@ def create_edit_tag(name=None):
 	if not Permission.checkPerm(current_user, Permission.EDIT_TAGS if tag else Permission.CREATE_TAG):
 		abort(403)
-	form = TagForm( obj=tag)
+	form = TagForm(formdata=request.form, obj=tag)
 	if form.validate_on_submit():
 		if tag is None:
 			tag = Tag(form.title.data)
 			tag.description = form.description.data
 			tag.is_protected = form.is_protected.data
 			db.session.add(tag)
 		else:
 			form.populate_obj(tag)
 		db.session.commit()
 		if Permission.EDIT_TAGS.check(current_user):
--- a/app/blueprints/admin/versioneditor.py
+++ b/app/blueprints/admin/versioneditor.py
@ -15,14 +15,14 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import redirect, render_template, abort, url_for, request, flash
+from flask import *
 from flask_wtf import FlaskForm
-from wtforms import StringField, IntegerField, SubmitField
+from wtforms import *
-from wtforms.validators import InputRequired, Length
+from wtforms.validators import *
 from app.models import *
 from app.utils import rank_required
 from . import bp
 from ...models import UserRank, MinetestRelease, db
@bp.route("/versions/")
@ -30,12 +30,10 @@ from ...models import UserRank, MinetestRelease, db
 def version_list():
 	return render_template("admin/versions/list.html", versions=MinetestRelease.query.order_by(db.asc(MinetestRelease.id)).all())
 class VersionForm(FlaskForm):
-	name = StringField("Name", [InputRequired(), Length(3, 100)])
+	name	 = StringField("Name", [InputRequired(), Length(3,100)])
 	protocol = IntegerField("Protocol")
-	submit = SubmitField("Save")
+	submit   = SubmitField("Save")
@bp.route("/versions/new/", methods=["GET", "POST"])
@bp.route("/versions/<name>/edit/", methods=["GET", "POST"])
--- a/app/blueprints/admin/warningseditor.py
+++ b/app/blueprints/admin/warningseditor.py
@ -15,14 +15,14 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import redirect, render_template, abort, url_for, request, flash
+from flask import *
 from flask_wtf import FlaskForm
-from wtforms import StringField, TextAreaField, SubmitField
+from wtforms import *
-from wtforms.validators import InputRequired, Length, Optional, Regexp
+from wtforms.validators import *
 from app.models import *
 from app.utils import rank_required
 from . import bp
 from ...models import UserRank, ContentWarning, db
@bp.route("/admin/warnings/")
@ -30,14 +30,11 @@ from ...models import UserRank, ContentWarning, db
 def warning_list():
 	return render_template("admin/warnings/list.html", warnings=ContentWarning.query.order_by(db.asc(ContentWarning.title)).all())
 class WarningForm(FlaskForm):
-	title = StringField("Title", [InputRequired(), Length(3, 100)])
+	title	    = StringField("Title", [InputRequired(), Length(3,100)])
 	description = TextAreaField("Description", [Optional(), Length(0, 500)])
-	name = StringField("Name", [Optional(), Length(1, 20),
+	name        = StringField("Name", [Optional(), Length(1, 20), Regexp("^[a-z0-9_]", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
-					Regexp("^[a-z0-9_]", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
+	submit      = SubmitField("Save")
 	submit = SubmitField("Save")
@bp.route("/admin/warnings/new/", methods=["GET", "POST"])
@bp.route("/admin/warnings/<name>/edit/", methods=["GET", "POST"])
--- a/app/blueprints/api/endpoints.py
+++ b/app/blueprints/api/endpoints.py
@ -14,41 +14,21 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-import math
+from flask import request, jsonify, current_app, abort
 from typing import List
 import flask_sqlalchemy
 from flask import request, jsonify, current_app
 from flask_login import current_user, login_required
 from sqlalchemy.orm import joinedload
 from sqlalchemy.sql.expression import func
 from app import csrf
-from app.markdown import render_markdown
+from app.utils.markdown import render_markdown
-from app.models import Tag, PackageState, PackageType, Package, db, PackageRelease, Permission, ForumTopic, \
+from app.models import Tag, PackageState, PackageType, Package, db, PackageRelease, Permission, ForumTopic, MinetestRelease, APIToken, PackageScreenshot, License, ContentWarning
 	MinetestRelease, APIToken, PackageScreenshot, License, ContentWarning, User, PackageReview, Thread
 from app.querybuilder import QueryBuilder
-from app.utils import is_package_page, get_int_or_abort, url_set_query, abs_url, isYes
+from app.utils import is_package_page
 from . import bp
 from .auth import is_api_authd
-from .support import error, api_create_vcs_release, api_create_zip_release, api_create_screenshot, \
+from .support import error, api_create_vcs_release, api_create_zip_release, api_create_screenshot, api_order_screenshots, api_edit_package
 	api_order_screenshots, api_edit_package, api_set_cover_image
 from functools import wraps
 def cors_allowed(f):
 	@wraps(f)
 	def inner(*args, **kwargs):
 		res = f(*args, **kwargs)
 		res.headers["Access-Control-Allow-Origin"] = "*"
 		res.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
 		res.headers["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
 		return res
 	return inner
@bp.route("/api/packages/")
@cors_allowed
 def packages():
 	qb    = QueryBuilder(request.args)
 	query = qb.buildPackageQuery()
@ -64,7 +44,6 @@ def packages():
@bp.route("/api/packages/<author>/<name>/")
@is_package_page
@cors_allowed
 def package(package):
 	return jsonify(package.getAsDictionary(current_app.config["BASE_URL"]))
@ -73,7 +52,6 @@ def package(package):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def edit_package(token, package):
 	if not token:
 		error(401, "Authentication needed")
@ -81,7 +59,7 @@ def edit_package(token, package):
 	return api_edit_package(token, package, request.json)
-def resolve_package_deps(out, package, only_hard, depth=1):
+def resolve_package_deps(out, package, only_hard):
 	id = package.getId()
 	if id in out:
 		return
@ -89,9 +67,6 @@ def resolve_package_deps(out, package, only_hard, depth=1):
 	ret = []
 	out[id] = ret
 	if package.type != PackageType.MOD:
 		return
 	for dep in package.dependencies:
 		if only_hard and dep.optional:
 			continue
@ -99,16 +74,12 @@ def resolve_package_deps(out, package, only_hard, depth=1):
 		if dep.package:
 			name = dep.package.name
 			fulfilled_by = [ dep.package.getId() ]
-			resolve_package_deps(out, dep.package, only_hard, depth)
+			resolve_package_deps(out, dep.package, only_hard)
 		elif dep.meta_package:
 			name = dep.meta_package.name
 			fulfilled_by = [ pkg.getId() for pkg in dep.meta_package.packages]
-
+			# TODO: resolve most likely candidate
 			if depth == 1 and not dep.optional:
 				most_likely = next((pkg for pkg in dep.meta_package.packages if pkg.type == PackageType.MOD), None)
 				if most_likely:
 					resolve_package_deps(out, most_likely, only_hard, depth + 1)
 		else:
 			raise Exception("Malformed dependency")
@ -122,7 +93,6 @@ def resolve_package_deps(out, package, only_hard, depth=1):
@bp.route("/api/packages/<author>/<name>/dependencies/")
@is_package_page
@cors_allowed
 def package_dependencies(package):
 	only_hard = request.args.get("only_hard")
@ -133,7 +103,6 @@ def package_dependencies(package):
@bp.route("/api/topics/")
@cors_allowed
 def topics():
 	qb     = QueryBuilder(request.args)
 	query  = qb.buildTopicQuery(show_added=True)
@ -146,11 +115,11 @@ def topic_set_discard():
 	tid = request.args.get("tid")
 	discard = request.args.get("discard")
 	if tid is None or discard is None:
-		error(400, "Missing topic ID or discard bool")
+		abort(400)
 	topic = ForumTopic.query.get(tid)
 	if not topic.checkPerm(current_user, Permission.TOPIC_DISCARD):
-		error(403, "Permission denied, need: TOPIC_DISCARD")
+		abort(403)
 	topic.discarded = discard == "true"
 	db.session.commit()
@ -160,7 +129,6 @@ def topic_set_discard():
@bp.route("/api/whoami/")
@is_api_authd
@cors_allowed
 def whoami(token):
 	if token is None:
 		return jsonify({ "is_authenticated": False, "username": None })
@ -174,32 +142,8 @@ def markdown():
 	return render_markdown(request.data.decode("utf-8"))
@bp.route("/api/releases/")
@cors_allowed
 def list_all_releases():
 	query = PackageRelease.query.filter_by(approved=True) \
 			.filter(PackageRelease.package.has(state=PackageState.APPROVED)) \
 			.order_by(db.desc(PackageRelease.releaseDate))
 	if "author" in request.args:
 		author = User.query.filter_by(username=request.args["author"]).first()
 		if author is None:
 			error(404, "Author not found")
 		query = query.filter(PackageRelease.package.has(author=author))
 	if "maintainer" in request.args:
 		maintainer = User.query.filter_by(username=request.args["maintainer"]).first()
 		if maintainer is None:
 			error(404, "Maintainer not found")
 		query = query.join(Package)
 		query = query.filter(Package.maintainers.any(id=maintainer.id))
 	return jsonify([ rel.getLongAsDictionary() for rel in query.limit(30).all() ])
@bp.route("/api/packages/<author>/<name>/releases/")
@is_package_page
@cors_allowed
 def list_releases(package):
 	return jsonify([ rel.getAsDictionary() for rel in package.releases.all() ])
@ -208,7 +152,6 @@ def list_releases(package):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def create_release(token, package):
 	if not token:
 		error(401, "Authentication needed")
@ -232,9 +175,7 @@ def create_release(token, package):
 		if file is None:
 			error(400, "Missing 'file' in multipart body")
-		commit_hash = data.get("commit")
+		return api_create_zip_release(token, package, data["title"], file)
 		return api_create_zip_release(token, package, data["title"], file, None, None, "API", commit_hash)
 	else:
 		error(400, "Unknown release-creation method. Specify the method or provide a file.")
@ -242,7 +183,6 @@ def create_release(token, package):
@bp.route("/api/packages/<author>/<name>/releases/<int:id>/")
@is_package_page
@cors_allowed
 def release(package: Package, id: int):
 	release = PackageRelease.query.get(id)
 	if release is None or release.package != package:
@ -255,7 +195,6 @@ def release(package: Package, id: int):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def delete_release(token: APIToken, package: Package, id: int):
 	release = PackageRelease.query.get(id)
 	if release is None or release.package != package:
@ -278,7 +217,6 @@ def delete_release(token: APIToken, package: Package, id: int):
@bp.route("/api/packages/<author>/<name>/screenshots/")
@is_package_page
@cors_allowed
 def list_screenshots(package):
 	screenshots = package.screenshots.all()
 	return jsonify([ss.getAsDictionary(current_app.config["BASE_URL"]) for ss in screenshots])
@ -288,7 +226,6 @@ def list_screenshots(package):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def create_screenshot(token: APIToken, package: Package):
 	if not token:
 		error(401, "Authentication needed")
@ -304,12 +241,11 @@ def create_screenshot(token: APIToken, package: Package):
 	if file is None:
 		error(400, "Missing 'file' in multipart body")
-	return api_create_screenshot(token, package, data["title"], file, isYes(data.get("is_cover_image")))
+	return api_create_screenshot(token, package, data["title"], file)
@bp.route("/api/packages/<author>/<name>/screenshots/<int:id>/")
@is_package_page
@cors_allowed
 def screenshot(package, id):
 	ss = PackageScreenshot.query.get(id)
 	if ss is None or ss.package != package:
@ -322,7 +258,6 @@ def screenshot(package, id):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def delete_screenshot(token: APIToken, package: Package, id: int):
 	ss = PackageScreenshot.query.get(id)
 	if ss is None or ss.package != package:
@ -351,13 +286,12 @@ def delete_screenshot(token: APIToken, package: Package, id: int):
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def order_screenshots(token: APIToken, package: Package):
 	if not token:
 		error(401, "Authentication needed")
 	if not package.checkPerm(token.owner, Permission.ADD_SCREENSHOTS):
-		error(403, "You do not have the permission to change screenshots")
+		error(403, "You do not have the permission to delete screenshots")
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
@ -369,71 +303,7 @@ def order_screenshots(token: APIToken, package: Package):
 	return api_order_screenshots(token, package, request.json)
@bp.route("/api/packages/<author>/<name>/screenshots/cover-image/", methods=["POST"])
@csrf.exempt
@is_package_page
@is_api_authd
@cors_allowed
 def set_cover_image(token: APIToken, package: Package):
 	if not token:
 		error(401, "Authentication needed")
 	if not package.checkPerm(token.owner, Permission.ADD_SCREENSHOTS):
 		error(403, "You do not have the permission to change screenshots")
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
 	json = request.json
 	if json is None or not isinstance(json, dict) or "cover_image" not in json:
 		error(400, "Expected body to be an object with cover_image as a key")
 	return api_set_cover_image(token, package, request.json["cover_image"])
@bp.route("/api/packages/<author>/<name>/reviews/")
@is_package_page
@cors_allowed
 def list_reviews(package):
 	reviews = package.reviews
 	return jsonify([review.getAsDictionary() for review in reviews])
@bp.route("/api/reviews/")
@cors_allowed
 def list_all_reviews():
 	page = get_int_or_abort(request.args.get("page"), 1)
 	num = min(get_int_or_abort(request.args.get("n"), 100), 100)
 	query = PackageReview.query
 	query = query.options(joinedload(PackageReview.author), joinedload(PackageReview.package))
 	if request.args.get("author"):
 		query = query.filter(PackageReview.author.has(User.username == request.args.get("author")))
 	if request.args.get("is_positive"):
 		query = query.filter(PackageReview.recommends == isYes(request.args.get("is_positive")))
 	q = request.args.get("q")
 	if q:
 		query = query.filter(PackageReview.thread.has(Thread.title.ilike(f"%{q}%")))
 	pagination: flask_sqlalchemy.Pagination = query.paginate(page, num, True)
 	return jsonify({
 		"page": pagination.page,
 		"per_page": pagination.per_page,
 		"page_count": math.ceil(pagination.total / pagination.per_page),
 		"total": pagination.total,
 		"urls": {
 			"previous": abs_url(url_set_query(page=page - 1)) if pagination.has_prev else None,
 			"next": abs_url(url_set_query(page=page + 1)) if pagination.has_next else None,
 		},
 		"items": [review.getAsDictionary(True) for review in pagination.items],
 	})
@bp.route("/api/scores/")
@cors_allowed
 def package_scores():
 	qb    = QueryBuilder(request.args)
 	query = qb.buildPackageQuery()
@ -443,32 +313,26 @@ def package_scores():
@bp.route("/api/tags/")
@cors_allowed
 def tags():
 	return jsonify([tag.getAsDictionary() for tag in Tag.query.all() ])
@bp.route("/api/content_warnings/")
@cors_allowed
 def content_warnings():
 	return jsonify([warning.getAsDictionary() for warning in ContentWarning.query.all() ])
@bp.route("/api/licenses/")
@cors_allowed
 def licenses():
 	return jsonify([ { "name": license.name, "is_foss": license.is_foss } \
 		for license in License.query.order_by(db.asc(License.name)).all() ])
@bp.route("/api/homepage/")
@cors_allowed
 def homepage():
 	query   = Package.query.filter_by(state=PackageState.APPROVED)
 	count   = query.count()
 	featured = query.filter(Package.tags.any(name="featured")).order_by(
 			func.random()).limit(6).all()
 	new     = query.order_by(db.desc(Package.approved_at)).limit(4).all()
 	pop_mod = query.filter_by(type=PackageType.MOD).order_by(db.desc(Package.score)).limit(8).all()
 	pop_gam = query.filter_by(type=PackageType.GAME).order_by(db.desc(Package.score)).limit(8).all()
@ -485,85 +349,22 @@ def homepage():
 	downloads_result = db.session.query(func.sum(Package.downloads)).one_or_none()
 	downloads = 0 if not downloads_result or not downloads_result[0] else downloads_result[0]
-	def mapPackages(packages: List[Package]):
+	def mapPackages(packages):
-		return [pkg.getAsDictionaryShort(current_app.config["BASE_URL"]) for pkg in packages]
+		return [pkg.getAsDictionaryKey() for pkg in packages]
-	return jsonify({
+	return {
 		"count": count,
 		"downloads": downloads,
 		"featured": mapPackages(featured),
 		"new": mapPackages(new),
 		"updated": mapPackages(updated),
 		"pop_mod": mapPackages(pop_mod),
 		"pop_txp": mapPackages(pop_txp),
 		"pop_game": mapPackages(pop_gam),
 		"high_reviewed": mapPackages(high_reviewed)
-	})
+	}
@bp.route("/api/welcome/v1/")
@cors_allowed
 def welcome_v1():
 	featured = Package.query \
 		.filter(Package.type == PackageType.GAME, Package.state == PackageState.APPROVED,
 				Package.tags.any(name="featured")) \
 		.order_by(func.random()) \
 		.limit(5).all()
 	mtg = Package.query.filter(Package.author.has(username="Minetest"), Package.name == "minetest_game").one()
 	featured.insert(2, mtg)
 	def map_packages(packages: List[Package]):
 		return [pkg.getAsDictionaryShort(current_app.config["BASE_URL"]) for pkg in packages]
 	return jsonify({
 		"featured": map_packages(featured),
 	})
@bp.route("/api/minetest_versions/")
@cors_allowed
 def versions():
 	protocol_version = request.args.get("protocol_version")
 	engine_version = request.args.get("engine_version")
 	if protocol_version or engine_version:
 		rel = MinetestRelease.get(engine_version, get_int_or_abort(protocol_version))
 		if rel is None:
 			error(404, "No releases found")
 		return jsonify(rel.getAsDictionary())
 	return jsonify([rel.getAsDictionary() \
 			for rel in MinetestRelease.query.all() if rel.getActual() is not None])
@bp.route("/api/dependencies/")
@cors_allowed
 def all_deps():
 	qb = QueryBuilder(request.args)
 	query = qb.buildPackageQuery()
 	def format_pkg(pkg: Package):
 		return {
 			"type": pkg.type.toName(),
 			"author": pkg.author.username,
 			"name": pkg.name,
 			"provides": [x.name for x in pkg.provides],
 			"depends": [str(x) for x in pkg.dependencies if not x.optional],
 			"optional_depends": [str(x) for x in pkg.dependencies if x.optional],
 		}
 	page = get_int_or_abort(request.args.get("page"), 1)
 	num = min(get_int_or_abort(request.args.get("n"), 100), 300)
 	pagination: flask_sqlalchemy.Pagination = query.paginate(page, num, True)
 	return jsonify({
 		"page": pagination.page,
 		"per_page": pagination.per_page,
 		"page_count": math.ceil(pagination.total / pagination.per_page),
 		"total": pagination.total,
 		"urls": {
 			"previous": abs_url(url_set_query(page=page - 1)) if pagination.has_prev else None,
 			"next": abs_url(url_set_query(page=page + 1)) if pagination.has_next else None,
 		},
 		"items": [format_pkg(pkg) for pkg in pagination.items],
 	})
--- a/app/blueprints/api/support.py
+++ b/app/blueprints/api/support.py
@ -19,7 +19,7 @@ from flask import jsonify, abort, make_response, url_for, current_app
 from app.logic.packages import do_edit_package
 from app.logic.releases import LogicError, do_create_vcs_release, do_create_zip_release
-from app.logic.screenshots import do_create_screenshot, do_order_screenshots, do_set_cover_image
+from app.logic.screenshots import do_create_screenshot, do_order_screenshots
 from app.models import APIToken, Package, MinetestRelease, PackageScreenshot
@ -54,13 +54,13 @@ def api_create_vcs_release(token: APIToken, package: Package, title: str, ref: s
 def api_create_zip_release(token: APIToken, package: Package, title: str, file,
-		min_v: MinetestRelease = None, max_v: MinetestRelease = None, reason="API", commit_hash:str=None):
+		min_v: MinetestRelease = None, max_v: MinetestRelease = None, reason="API"):
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
 	reason += ", token=" + token.name
-	rel = guard(do_create_zip_release)(token.owner, package, title, file, min_v, max_v, reason, commit_hash)
+	rel = guard(do_create_zip_release)(token.owner, package, title, file, min_v, max_v, reason)
 	return jsonify({
 		"success": True,
@ -69,13 +69,13 @@ def api_create_zip_release(token: APIToken, package: Package, title: str, file,
 	})
-def api_create_screenshot(token: APIToken, package: Package, title: str, file, is_cover_image: bool, reason="API"):
+def api_create_screenshot(token: APIToken, package: Package, title: str, file, reason="API"):
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
 	reason += ", token=" + token.name
-	ss : PackageScreenshot = guard(do_create_screenshot)(token.owner, package, title, file, is_cover_image, reason)
+	ss : PackageScreenshot = guard(do_create_screenshot)(token.owner, package, title, file, reason)
 	return jsonify({
 		"success": True,
@ -94,24 +94,13 @@ def api_order_screenshots(token: APIToken, package: Package, order: [any]):
 	})
 def api_set_cover_image(token: APIToken, package: Package, cover_image):
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
 	guard(do_set_cover_image)(token.owner, package, cover_image)
 	return jsonify({
 		"success": True
 	})
 def api_edit_package(token: APIToken, package: Package, data: dict, reason: str = "API"):
 	if not token.canOperateOnPackage(package):
 		error(403, "API token does not have access to the package")
 	reason += ", token=" + token.name
-	package = guard(do_edit_package)(token.owner, package, False, False, data, reason)
+	package = guard(do_edit_package)(token.owner, package, False, data, reason)
 	return jsonify({
 		"success": True,
--- a/app/blueprints/api/tokens.py
+++ b/app/blueprints/api/tokens.py
@ -16,11 +16,10 @@
 from flask import render_template, redirect, request, session, url_for, abort
 from flask_babel import lazy_gettext
 from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
 from wtforms import *
-from wtforms_sqlalchemy.fields import QuerySelectField
+from wtforms.ext.sqlalchemy.fields import QuerySelectField
 from wtforms.validators import *
 from app.models import db, User, APIToken, Package, Permission
@ -30,10 +29,10 @@ from ..users.settings import get_setting_tabs
 class CreateAPIToken(FlaskForm):
-	name	     = StringField(lazy_gettext("Name"), [InputRequired(), Length(1, 30)])
+	name	     = StringField("Name", [InputRequired(), Length(1, 30)])
-	package      = QuerySelectField(lazy_gettext("Limit to package"), allow_blank=True,
+	package      = QuerySelectField("Limit to package", allow_blank=True,
 			get_pk=lambda a: a.id, get_label=lambda a: a.title)
-	submit	     = SubmitField(lazy_gettext("Save"))
+	submit	     = SubmitField("Save")
@bp.route("/user/tokens/")
--- a/app/blueprints/github/init.py
+++ b/app/blueprints/github/init.py
@ -15,7 +15,6 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import Blueprint
 from flask_babel import gettext
 bp = Blueprint("github", __name__)
@ -43,7 +42,7 @@ def view_permissions():
 def callback(oauth_token):
 	next_url = request.args.get("next")
 	if oauth_token is None:
-		flash(gettext("Authorization failed [err=gh-oauth-login-failed]"), "danger")
+		flash("Authorization failed [err=gh-oauth-login-failed]", "danger")
 		return redirect(url_for("users.login"))
 	# Get Github username
@ -59,28 +58,30 @@ def callback(oauth_token):
 		if userByGithub is None:
 			current_user.github_username = username
 			db.session.commit()
-			flash(gettext("Linked GitHub to account"), "success")
+			flash("Linked github to account", "success")
 			return redirect(url_for("homepage.home"))
 		else:
-			flash(gettext("GitHub account is already associated with another user"), "danger")
+			flash("Github account is already associated with another user", "danger")
 			return redirect(url_for("homepage.home"))
 	# If not logged in, log in
 	else:
 		if userByGithub is None:
-			flash(gettext("Unable to find an account for that GitHub user"), "danger")
+			flash("Unable to find an account for that Github user", "danger")
 			return redirect(url_for("users.claim_forums"))
 		elif login_user_set_active(userByGithub, remember=True):
 			addAuditLog(AuditSeverity.USER, userByGithub, "Logged in using GitHub OAuth",
 					url_for("users.profile", username=userByGithub.username))
 			db.session.commit()
-		ret = login_user_set_active(userByGithub, remember=True)
+			if not current_user.password:
-		if ret is None:
+				return redirect(next_url or url_for("users.set_password", optional=True))
-			flash(gettext("Authorization failed [err=gh-login-failed]"), "danger")
+			else:
 				return redirect(next_url or url_for("homepage.home"))
 		else:
 			flash("Authorization failed [err=gh-login-failed]", "danger")
 			return redirect(url_for("users.login"))
 		addAuditLog(AuditSeverity.USER, userByGithub, "Logged in using GitHub OAuth",
 				url_for("users.profile", username=userByGithub.username))
 		db.session.commit()
 		return ret
@bp.route("/github/webhook/", methods=["POST"])
@csrf.exempt
@ -133,27 +134,13 @@ def webhook():
 	if event == "push":
 		ref = json["after"]
 		title = json["head_commit"]["message"].partition("\n")[0]
-		branch = json["ref"].replace("refs/heads/", "")
+	elif event == "create" and json["ref_type"] == "tag":
 		if branch not in [ "master", "main" ]:
 			return jsonify({ "success": False, "message": "Webhook ignored, as it's not on the master/main branch" })
 	elif event == "create":
 		ref_type = json.get("ref_type")
 		if ref_type != "tag":
 			return jsonify({
 					"success": False,
 					"message": "Webhook ignored, as it's a non-tag create event. ref_type='{}'.".format(ref_type)
 			})
 		ref = json["ref"]
 		title = ref
 	elif event == "ping":
 		return jsonify({ "success": True, "message": "Ping successful" })
 	else:
-		return error(400, "Unsupported event: '{}'. Only 'push', 'create:tag', and 'ping' are supported."
+		return error(400, "Unsupported event. Only 'push', `create:tag`, and 'ping' are supported.")
 				.format(event or "null"))
 	#
 	# Perform release
--- a/app/blueprints/gitlab/init.py
+++ b/app/blueprints/gitlab/init.py
@ -14,7 +14,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-from flask import Blueprint, request, jsonify
+from flask import Blueprint, request
 bp = Blueprint("gitlab", __name__)
@ -53,18 +53,11 @@ def webhook_impl():
 	if event == "push":
 		ref = json["after"]
 		title = ref[:5]
 		branch = json["ref"].replace("refs/heads/", "")
 		if branch not in ["master", "main"]:
 			return jsonify({"success": False,
 				"message": "Webhook ignored, as it's not on the master/main branch"})
 	elif event == "tag_push":
 		ref = json["ref"]
 		title = ref.replace("refs/tags/", "")
 	else:
-		return error(400, "Unsupported event: '{}'. Only 'push', 'create:tag', and 'ping' are supported."
+		return error(400, "Unsupported event. Only 'push' and 'tag_push' are supported.")
 					 .format(event or "null"))
 	#
 	# Perform release
--- a/app/blueprints/homepage/init.py
+++ b/app/blueprints/homepage/init.py
@ -1,12 +1,14 @@
-from flask import Blueprint, render_template, redirect
+from flask import Blueprint, render_template
 from sqlalchemy import func
 bp = Blueprint("homepage", __name__)
 from app.models import *
 import flask_menu as menu
 from sqlalchemy.orm import joinedload
 from sqlalchemy.sql.expression import func
@menu.register_menu(bp, ".", "Home")
@bp.route("/")
 def home():
 	def join(query):
@ -17,8 +19,6 @@ def home():
 	query   = Package.query.filter_by(state=PackageState.APPROVED)
 	count   = query.count()
 	featured = query.filter(Package.tags.any(name="featured")).order_by(func.random()).limit(6).all()
 	new     = join(query.order_by(db.desc(Package.approved_at))).limit(4).all()
 	pop_mod = join(query.filter_by(type=PackageType.MOD).order_by(db.desc(Package.score))).limit(8).all()
 	pop_gam = join(query.filter_by(type=PackageType.GAME).order_by(db.desc(Package.score))).limit(8).all()
@ -40,5 +40,15 @@ def home():
 	tags = db.session.query(func.count(Tags.c.tag_id), Tag) \
 		.select_from(Tag).outerjoin(Tags).group_by(Tag.id).order_by(db.asc(Tag.title)).all()
-	return render_template("index.html", count=count, downloads=downloads, tags=tags, featured=featured,
+	return render_template("index.html", count=count, downloads=downloads, tags=tags,
 			new=new, updated=updated, pop_mod=pop_mod, pop_txp=pop_txp, pop_gam=pop_gam, high_reviewed=high_reviewed, reviews=reviews)
@menu.register_menu(bp, ".mods", "Mods", order=11, endpoint_arguments_constructor=lambda: { 'type': 'mod' })
@menu.register_menu(bp, ".games", "Games", order=12, endpoint_arguments_constructor=lambda: { 'type': 'game' })
@menu.register_menu(bp, ".txp", "Texture Packs", order=13, endpoint_arguments_constructor=lambda: { 'type': 'txp' })
@bp.route("/games/", defaults={ "type": "GAME" })
@bp.route("/mods/", defaults={ "type": "MOD" })
@bp.route("/texture_packs/", defaults={ "type": "TXP" })
 def type_page(type_name):
 	return type_name
--- a/app/blueprints/metapackages/init.py
+++ b/app/blueprints/metapackages/init.py
@ -53,11 +53,12 @@ def view(name):
 		.filter(Dependency.optional==True, Package.state==PackageState.APPROVED) \
 		.all()
-	similar_topics = ForumTopic.query \
+	similar_topics = None
-		.filter_by(name=name) \
+	if mpackage.packages.filter_by(state=PackageState.APPROVED).count() == 0:
-		.filter(~ db.exists().where(Package.forums == ForumTopic.topic_id)) \
+		similar_topics = ForumTopic.query \
-		.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
+				.filter_by(name=name) \
-		.all()
+				.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
 				.all()
 	return render_template("metapackages/view.html", mpackage=mpackage,
 			dependers=dependers, optional_dependers=optional_dependers,
--- a/app/blueprints/metrics/init.py
+++ b/app/blueprints/metrics/init.py
@ -50,9 +50,9 @@ def generate_metrics(full=False):
 	users = User.query.filter(User.rank != UserRank.NOT_JOINED).count()
 	ret = ""
-	ret += write_single_stat("contentdb_packages", "Total packages", "gauge", packages)
+	ret += write_single_stat("contentdb_packages", "Total packages", "counter", packages)
-	ret += write_single_stat("contentdb_users", "Number of registered users", "gauge", users)
+	ret += write_single_stat("contentdb_users", "Number of registered users", "counter", users)
-	ret += write_single_stat("contentdb_downloads", "Total downloads", "gauge", downloads)
+	ret += write_single_stat("contentdb_downloads", "Total downloads", "counter", downloads)
 	if full:
 		scores = Package.query.join(User).with_entities(User.username, Package.name, Package.score) \
--- a/app/blueprints/packages/init.py
+++ b/app/blueprints/packages/init.py
@ -15,54 +15,7 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import Blueprint
 from flask_babel import gettext
 from app.models import User, Package, Permission
 bp = Blueprint("packages", __name__)
-
+from . import packages, screenshots, releases, reviews
 def get_package_tabs(user: User, package: Package):
 	if package is None or not package.checkPerm(user, Permission.EDIT_PACKAGE):
 		return []
 	return [
 		{
 			"id": "edit",
 			"title": gettext("Edit Details"),
 			"url": package.getURL("packages.create_edit")
 		},
 		{
 			"id": "releases",
 			"title": gettext("Releases"),
 			"url": package.getURL("packages.list_releases")
 		},
 		{
 			"id": "screenshots",
 			"title": gettext("Screenshots"),
 			"url": package.getURL("packages.screenshots")
 		},
 		{
 			"id": "maintainers",
 			"title": gettext("Maintainers"),
 			"url": package.getURL("packages.edit_maintainers")
 		},
 		{
 			"id": "audit",
 			"title": gettext("Audit Log"),
 			"url": package.getURL("packages.audit")
 		},
 		{
 			"id": "share",
 			"title": gettext("Share and Badges"),
 			"url": package.getURL("packages.share")
 		},
 		{
 			"id": "remove",
 			"title": gettext("Remove"),
 			"url": package.getURL("packages.remove")
 		}
 	]
 from . import packages, screenshots, releases, reviews, game_hub
--- a/app/blueprints/packages/game_hub.py
+++ b/app/blueprints/packages/game_hub.py
@ -1,54 +0,0 @@
 # ContentDB
 # Copyright (C) 2022 rubenwardy
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import render_template, abort
 from sqlalchemy.orm import joinedload
 from . import bp
 from app.utils import is_package_page
 from ...models import Package, PackageType, PackageState, db, PackageRelease
@bp.route("/packages/<author>/<name>/hub/")
@is_package_page
 def game_hub(package: Package):
 	if package.type != PackageType.GAME:
 		abort(404)
 	def join(query):
 		return query.options(
 			joinedload(Package.license),
 			joinedload(Package.media_license))
 	query = Package.query.filter(Package.supported_games.any(game=package), Package.state==PackageState.APPROVED)
 	count = query.count()
 	new = join(query.order_by(db.desc(Package.approved_at))).limit(4).all()
 	pop_mod = join(query.filter_by(type=PackageType.MOD).order_by(db.desc(Package.score))).limit(8).all()
 	pop_gam = join(query.filter_by(type=PackageType.GAME).order_by(db.desc(Package.score))).limit(8).all()
 	pop_txp = join(query.filter_by(type=PackageType.TXP).order_by(db.desc(Package.score))).limit(8).all()
 	high_reviewed = join(query.order_by(db.desc(Package.score - Package.score_downloads))) \
 		.filter(Package.reviews.any()).limit(4).all()
 	updated = db.session.query(Package).select_from(PackageRelease).join(Package) \
 		.filter(Package.supported_games.any(game=package), Package.state==PackageState.APPROVED) \
 		.order_by(db.desc(PackageRelease.releaseDate)) \
 		.limit(20).all()
 	updated = updated[:4]
 	return render_template("packages/game_hub.html", package=package, count=count,
 			new=new, updated=updated, pop_mod=pop_mod, pop_txp=pop_txp, pop_gam=pop_gam,
 			high_reviewed=high_reviewed)
--- a/app/blueprints/packages/packages.py
+++ b/app/blueprints/packages/packages.py
@ -17,27 +17,27 @@
 from urllib.parse import quote as urlescape
-from flask import render_template
+import flask_menu as menu
-from flask_babel import lazy_gettext, gettext
+from celery import uuid
 from flask import render_template, flash
 from flask_wtf import FlaskForm
 from flask_login import login_required
 from sqlalchemy import or_, func
 from sqlalchemy.orm import joinedload, subqueryload
 from wtforms import *
-from wtforms_sqlalchemy.fields import QuerySelectField, QuerySelectMultipleField
+from wtforms.ext.sqlalchemy.fields import QuerySelectField, QuerySelectMultipleField
 from wtforms.validators import *
 from app.querybuilder import QueryBuilder
 from app.rediscache import has_key, set_key
-from app.tasks.importtasks import importRepoScreenshot
+from app.tasks.importtasks import importRepoScreenshot, checkZipRelease
 from app.utils import *
-from . import bp, get_package_tabs
+from . import bp
-from app.logic.LogicError import LogicError
+from ...logic.LogicError import LogicError
-from app.logic.packages import do_edit_package
+from ...logic.packages import do_edit_package
 from app.models.packages import PackageProvides
 from app.tasks.webhooktasks import post_discord_webhook
@menu.register_menu(bp, ".random", "Random", order=14, endpoint_arguments_constructor=lambda: { 'random': '1', 'lucky': '1' })
@bp.route("/packages/")
 def list_all():
 	qb    = QueryBuilder(request.args)
@ -67,7 +67,7 @@ def list_all():
 	if qb.lucky:
 		package = query.first()
 		if package:
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 		topic = qb.buildTopicQuery().first()
 		if qb.search and topic:
@ -100,7 +100,7 @@ def list_all():
 	selected_tags = set(qb.tags)
 	return render_template("packages/list.html",
-			query_hint=title, packages=query.items, pagination=query,
+			title=title, packages=query.items, pagination=query,
 			query=search, tags=tags, selected_tags=selected_tags, type=type_name,
 			authors=authors, packages_count=query.total, topics=topics)
@ -115,36 +115,26 @@ def getReleases(package):
@bp.route("/packages/<author>/<name>/")
@is_package_page
 def view(package):
-	show_similar = not package.approved and (
+	alternatives = None
-			current_user in package.maintainers or
+	if package.type == PackageType.MOD:
-				package.checkPerm(current_user, Permission.APPROVE_NEW))
+		alternatives = Package.query \
 			.filter_by(name=package.name, type=PackageType.MOD) \
 			.filter(Package.id != package.id, Package.state!=PackageState.DELETED) \
 			.order_by(db.desc(Package.score)) \
 			.all()
 	conflicting_modnames = None
 	if show_similar and package.type != PackageType.TXP:
 		conflicting_modnames = db.session.query(MetaPackage.name) \
 				.filter(MetaPackage.id.in_([ mp.id for mp in package.provides ])) \
 				.filter(MetaPackage.packages.any(Package.id != package.id)) \
 				.all()
-		conflicting_modnames += db.session.query(ForumTopic.name) \
+	show_similar_topics = current_user == package.author or \
-				.filter(ForumTopic.name.in_([ mp.name for mp in package.provides ])) \
+			package.checkPerm(current_user, Permission.APPROVE_NEW)
 	similar_topics = None if not show_similar_topics else \
 			ForumTopic.query \
 				.filter_by(name=package.name) \
 				.filter(ForumTopic.topic_id != package.forums) \
 				.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
 				.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
 				.all()
 		conflicting_modnames = set([x[0] for x in conflicting_modnames])
 	packages_uses = None
 	if package.type == PackageType.MOD:
 		packages_uses = Package.query.filter(
 				Package.type == PackageType.MOD,
 				Package.id != package.id,
 				Package.state == PackageState.APPROVED,
 				Package.dependencies.any(
 						Dependency.meta_package_id.in_([p.id for p in package.provides]))) \
 			.order_by(db.desc(Package.score)).limit(6).all()
 	releases = getReleases(package)
 	review_thread = package.review_thread
@ -156,16 +146,16 @@ def view(package):
 	if package.state != PackageState.APPROVED and package.forums is not None:
 		errors = []
 		if Package.query.filter(Package.forums==package.forums, Package.state!=PackageState.DELETED).count() > 1:
-			errors.append("<b>" + gettext("Error: Another package already uses this forum topic!") + "</b>")
+			errors.append("<b>Error: Another package already uses this forum topic!</b>")
 			topic_error_lvl = "danger"
 		topic = ForumTopic.query.get(package.forums)
 		if topic is not None:
 			if topic.author != package.author:
-				errors.append("<b>" + gettext("Error: Forum topic author doesn't match package author.") + "</b>")
+				errors.append("<b>Error: Forum topic author doesn't match package author.</b>")
 				topic_error_lvl = "danger"
 		elif package.type != PackageType.TXP:
-			errors.append(gettext("Warning: Forum topic not found. This may happen if the topic has only just been created."))
+			errors.append("Warning: Forum topic not found. This may happen if the topic has only just been created.")
 		topic_error = "<br />".join(errors)
@ -173,14 +163,14 @@ def view(package):
 	threads = Thread.query.filter_by(package_id=package.id, review_id=None)
 	if not current_user.is_authenticated:
 		threads = threads.filter_by(private=False)
-	elif not current_user.rank.atLeast(UserRank.APPROVER) and not current_user == package.author:
+	elif not current_user.rank.atLeast(UserRank.EDITOR) and not current_user == package.author:
 		threads = threads.filter(or_(Thread.private == False, Thread.author == current_user))
 	has_review = current_user.is_authenticated and PackageReview.query.filter_by(package=package, author=current_user).count() > 0
 	return render_template("packages/view.html",
-			package=package, releases=releases, packages_uses=packages_uses,
+			package=package, releases=releases,
-			conflicting_modnames=conflicting_modnames,
+			alternatives=alternatives, similar_topics=similar_topics,
 			review_thread=review_thread, topic_error=topic_error, topic_error_lvl=topic_error_lvl,
 			threads=threads.all(), has_review=has_review)
@ -189,7 +179,7 @@ def view(package):
@is_package_page
 def shield(package, type):
 	if type == "title":
-		url = "https://img.shields.io/static/v1?label=ContentDB&message={}&color={}" \
+		url = "https://img.shields.io/badge/ContentDB-{}-{}" \
 			.format(urlescape(package.title), urlescape("#375a7f"))
 	elif type == "downloads":
 		#api_url = abs_url_for("api.package", author=package.author.username, name=package.name)
@ -212,10 +202,10 @@ def download(package):
 				not "text/html" in request.accept_mimetypes:
 			return "", 204
 		else:
-			flash(gettext("No download available."), "danger")
+			flash("No download available.", "danger")
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 	else:
-		return redirect(release.getDownloadURL())
+		return redirect(release.getDownloadURL(), code=302)
 def makeLabel(obj):
@ -224,29 +214,25 @@ def makeLabel(obj):
 	else:
 		return obj.title
 class PackageForm(FlaskForm):
-	type             = SelectField(lazy_gettext("Type"), [InputRequired()], choices=PackageType.choices(), coerce=PackageType.coerce, default=PackageType.MOD)
+	type             = SelectField("Type", [InputRequired()], choices=PackageType.choices(), coerce=PackageType.coerce, default=PackageType.MOD)
-	title            = StringField(lazy_gettext("Title (Human-readable)"), [InputRequired(), Length(1, 100)])
+	title            = StringField("Title (Human-readable)", [InputRequired(), Length(3, 100)])
-	name             = StringField(lazy_gettext("Name (Technical)"), [InputRequired(), Length(1, 100), Regexp("^[a-z0-9_]+$", 0, lazy_gettext("Lower case letters (a-z), digits (0-9), and underscores (_) only"))])
+	name             = StringField("Name (Technical)", [InputRequired(), Length(1, 100), Regexp("^[a-z0-9_]+$", 0, "Lower case letters (a-z), digits (0-9), and underscores (_) only")])
-	short_desc       = StringField(lazy_gettext("Short Description (Plaintext)"), [InputRequired(), Length(1,200)])
+	short_desc       = StringField("Short Description (Plaintext)", [InputRequired(), Length(1,200)])
-	dev_state        = SelectField(lazy_gettext("Maintenance State"), [InputRequired()], choices=PackageDevState.choices(with_none=True), coerce=PackageDevState.coerce)
+	tags             = QuerySelectMultipleField('Tags', query_factory=lambda: Tag.query.order_by(db.asc(Tag.name)), get_pk=lambda a: a.id, get_label=makeLabel)
 	content_warnings = QuerySelectMultipleField('Content Warnings', query_factory=lambda: ContentWarning.query.order_by(db.asc(ContentWarning.name)), get_pk=lambda a: a.id, get_label=makeLabel)
 	license          = QuerySelectField("License", [DataRequired()], allow_blank=True, query_factory=lambda: License.query.order_by(db.asc(License.name)), get_pk=lambda a: a.id, get_label=lambda a: a.name)
 	media_license    = QuerySelectField("Media License", [DataRequired()], allow_blank=True, query_factory=lambda: License.query.order_by(db.asc(License.name)), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	tags             = QuerySelectMultipleField(lazy_gettext('Tags'), query_factory=lambda: Tag.query.order_by(db.asc(Tag.name)), get_pk=lambda a: a.id, get_label=makeLabel)
+	desc             = TextAreaField("Long Description (Markdown)", [Optional(), Length(0,10000)])
 	content_warnings = QuerySelectMultipleField(lazy_gettext('Content Warnings'), query_factory=lambda: ContentWarning.query.order_by(db.asc(ContentWarning.name)), get_pk=lambda a: a.id, get_label=makeLabel)
 	license          = QuerySelectField(lazy_gettext("License"), [DataRequired()], allow_blank=True, query_factory=lambda: License.query.order_by(db.asc(License.name)), get_pk=lambda a: a.id, get_label=lambda a: a.name)
 	media_license    = QuerySelectField(lazy_gettext("Media License"), [DataRequired()], allow_blank=True, query_factory=lambda: License.query.order_by(db.asc(License.name)), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	desc             = TextAreaField(lazy_gettext("Long Description (Markdown)"), [Optional(), Length(0,10000)])
+	repo             = StringField("VCS Repository URL", [Optional(), URL()], filters = [lambda x: x or None])
 	website          = StringField("Website URL", [Optional(), URL()], filters = [lambda x: x or None])
 	issueTracker     = StringField("Issue Tracker URL", [Optional(), URL()], filters = [lambda x: x or None])
 	forums           = IntegerField("Forum Topic ID", [Optional(), NumberRange(0,999999)])
-	repo             = StringField(lazy_gettext("VCS Repository URL"), [Optional(), URL()], filters = [lambda x: x or None])
+	submit           = SubmitField("Save")
 	website          = StringField(lazy_gettext("Website URL"), [Optional(), URL()], filters = [lambda x: x or None])
 	issueTracker     = StringField(lazy_gettext("Issue Tracker URL"), [Optional(), URL()], filters = [lambda x: x or None])
 	forums           = IntegerField(lazy_gettext("Forum Topic ID"), [Optional(), NumberRange(0,999999)])
 	video_url        = StringField(lazy_gettext("Video URL"), [Optional(), URL()], filters = [lambda x: x or None])
 	submit           = SubmitField(lazy_gettext("Save"))
@bp.route("/packages/new/", methods=["GET", "POST"])
@ -262,11 +248,11 @@ def create_edit(author=None, name=None):
 		else:
 			author = User.query.filter_by(username=author).first()
 			if author is None:
-				flash(gettext("Unable to find that user"), "danger")
+				flash("Unable to find that user", "danger")
 				return redirect(url_for("packages.create_edit"))
 			if not author.checkPerm(current_user, Permission.CHANGE_AUTHOR):
-				flash(gettext("Permission denied"), "danger")
+				flash("Permission denied", "danger")
 				return redirect(url_for("packages.create_edit"))
 	else:
@ -274,7 +260,7 @@ def create_edit(author=None, name=None):
 		if package is None:
 			abort(404)
 		if not package.checkPerm(current_user, Permission.EDIT_PACKAGE):
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 		author = package.author
@ -283,15 +269,17 @@ def create_edit(author=None, name=None):
 	# Initial form class from post data and default data
 	if request.method == "GET":
 		if package is None:
-			form.name.data = request.args.get("bname")
+			form.name.data   = request.args.get("bname")
-			form.title.data = request.args.get("title")
+			form.title.data  = request.args.get("title")
-			form.repo.data = request.args.get("repo")
+			form.repo.data   = request.args.get("repo")
 			form.forums.data = request.args.get("forums")
 			form.license.data = None
 			form.media_license.data = None
 		else:
-			form.tags.data = package.tags
+			# form.harddep_str.data  = ",".join([str(x) for x in package.getSortedHardDependencies() ])
-			form.content_warnings.data = package.content_warnings
+			# form.softdep_str.data  = ",".join([str(x) for x in package.getSortedOptionalDependencies() ])
 			form.tags.data         = list(package.tags)
 			form.content_warnings.data = list(package.content_warnings)
 	if request.method == "POST" and form.type.data == PackageType.TXP:
 		form.license.data = form.media_license.data
@ -304,7 +292,7 @@ def create_edit(author=None, name=None):
 				if package.state == PackageState.READY_FOR_REVIEW:
 					Package.query.filter_by(name=form["name"].data, author_id=author.id).delete()
 				else:
-					flash(gettext("Package already exists!"), "danger")
+					flash("Package already exists!", "danger")
 					return redirect(url_for("packages.create_edit"))
 			package = Package()
@ -313,12 +301,11 @@ def create_edit(author=None, name=None):
 			wasNew = True
 		try:
-			do_edit_package(current_user, package, wasNew, True, {
+			do_edit_package(current_user, package, wasNew, {
 				"type": form.type.data,
 				"title": form.title.data,
 				"name": form.name.data,
 				"short_desc": form.short_desc.data,
 				"dev_state": form.dev_state.data,
 				"tags": form.tags.raw_data,
 				"content_warnings": form.content_warnings.raw_data,
 				"license": form.license.data,
@ -328,17 +315,16 @@ def create_edit(author=None, name=None):
 				"website": form.website.data,
 				"issueTracker": form.issueTracker.data,
 				"forums": form.forums.data,
 				"video_url": form.video_url.data,
 			})
 			if wasNew and package.repo is not None:
 				importRepoScreenshot.delay(package.id)
-			next_url = package.getURL("packages.view")
+			next_url = package.getDetailsURL()
 			if wasNew and ("WTFPL" in package.license.name or "WTFPL" in package.media_license.name):
 				next_url = url_for("flatpage", path="help/wtfpl", r=next_url)
 			elif wasNew:
-				next_url = package.getURL("packages.setup_releases")
+				next_url = package.getSetupReleasesURL()
 			return redirect(next_url)
 		except LogicError as e:
@ -352,8 +338,7 @@ def create_edit(author=None, name=None):
 	return render_template("packages/create_edit.html", package=package,
 			form=form, author=author, enable_wizard=enableWizard,
 			packages=package_query.all(),
-			mpackages=MetaPackage.query.order_by(db.asc(MetaPackage.name)).all(),
+			mpackages=MetaPackage.query.order_by(db.asc(MetaPackage.name)).all())
 			tabs=get_package_tabs(current_user, package), current_tab="edit")
@bp.route("/packages/<author>/<name>/state/", methods=["POST"])
@ -365,16 +350,14 @@ def move_to_state(package):
 		abort(400)
 	if not package.canMoveToState(current_user, state):
-		flash(gettext("You don't have permission to do that"), "danger")
+		flash("You don't have permission to do that", "danger")
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	package.state = state
 	msg = "Marked {} as {}".format(package.title, state.value)
 	if state == PackageState.APPROVED:
 		if not package.approved_at:
 			post_discord_webhook.delay(package.author.username,
 					"New package {}".format(package.getURL("packages.view", absolute=True)), False)
 			package.approved_at = datetime.datetime.now()
 		screenshots = PackageScreenshot.query.filter_by(package=package, approved=False).all()
@ -382,24 +365,21 @@ def move_to_state(package):
 			s.approved = True
 		msg = "Approved {}".format(package.title)
 	elif state == PackageState.READY_FOR_REVIEW:
 		post_discord_webhook.delay(package.author.username,
 				"Ready for Review: {}".format(package.getURL("packages.view", absolute=True)), True)
-	addNotification(package.maintainers, current_user, NotificationType.PACKAGE_APPROVAL, msg, package.getURL("packages.view"), package)
+	addNotification(package.maintainers, current_user, NotificationType.PACKAGE_APPROVAL, msg, package.getDetailsURL(), package)
 	severity = AuditSeverity.NORMAL if current_user in package.maintainers else AuditSeverity.EDITOR
-	addAuditLog(severity, current_user, msg, package.getURL("packages.view"), package)
+	addAuditLog(severity, current_user, msg, package.getDetailsURL(), package)
 	db.session.commit()
 	if package.state == PackageState.CHANGES_NEEDED:
-		flash(gettext("Please comment what changes are needed in the approval thread"), "warning")
+		flash("Please comment what changes are needed in the review thread", "warning")
 		if package.review_thread:
 			return redirect(package.review_thread.getViewURL())
 		else:
 			return redirect(url_for('threads.new', pid=package.id, title='Package approval comments'))
-	return redirect(package.getURL("packages.view"))
+	return redirect(package.getDetailsURL())
@bp.route("/packages/<author>/<name>/remove/", methods=["GET", "POST"])
@ -407,51 +387,48 @@ def move_to_state(package):
@is_package_page
 def remove(package):
 	if request.method == "GET":
-		return render_template("packages/remove.html", package=package,
+		return render_template("packages/remove.html", package=package)
 				tabs=get_package_tabs(current_user, package), current_tab="remove")
 	reason = request.form.get("reason") or "?"
 	if "delete" in request.form:
 		if not package.checkPerm(current_user, Permission.DELETE_PACKAGE):
-			flash(gettext("You don't have permission to do that."), "danger")
+			flash("You don't have permission to do that.", "danger")
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 		package.state = PackageState.DELETED
 		url = url_for("users.profile", username=package.author.username)
-		msg = "Deleted {}, reason={}".format(package.title, reason)
+		msg = "Deleted {}".format(package.title)
 		addNotification(package.maintainers, current_user, NotificationType.PACKAGE_EDIT, msg, url, package)
 		addAuditLog(AuditSeverity.EDITOR, current_user, msg, url)
 		db.session.commit()
-		flash(gettext("Deleted package"), "success")
+		flash("Deleted package", "success")
 		return redirect(url)
 	elif "unapprove" in request.form:
 		if not package.checkPerm(current_user, Permission.UNAPPROVE_PACKAGE):
-			flash(gettext("You don't have permission to do that."), "danger")
+			flash("You don't have permission to do that.", "danger")
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 		package.state = PackageState.WIP
-		msg = "Unapproved {}, reason={}".format(package.title, reason)
+		msg = "Unapproved {}".format(package.title)
-		addNotification(package.maintainers, current_user, NotificationType.PACKAGE_APPROVAL, msg, package.getURL("packages.view"), package)
+		addNotification(package.maintainers, current_user, NotificationType.PACKAGE_APPROVAL, msg, package.getDetailsURL(), package)
-		addAuditLog(AuditSeverity.EDITOR, current_user, msg, package.getURL("packages.view"), package)
+		addAuditLog(AuditSeverity.EDITOR, current_user, msg, package.getDetailsURL(), package)
 		db.session.commit()
-		flash(gettext("Unapproved package"), "success")
+		flash("Unapproved package", "success")
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	else:
 		abort(400)
 class PackageMaintainersForm(FlaskForm):
-	maintainers_str  = StringField(lazy_gettext("Maintainers (Comma-separated)"), [Optional()])
+	maintainers_str  = StringField("Maintainers (Comma-separated)", [Optional()])
-	submit	      = SubmitField(lazy_gettext("Save"))
+	submit	      = SubmitField("Save")
@bp.route("/packages/<author>/<name>/edit-maintainers/", methods=["GET", "POST"])
@ -459,8 +436,8 @@ class PackageMaintainersForm(FlaskForm):
@is_package_page
 def edit_maintainers(package):
 	if not package.checkPerm(current_user, Permission.EDIT_MAINTAINERS):
-		flash(gettext("You do not have permission to edit maintainers"), "danger")
+		flash("You do not have permission to edit maintainers", "danger")
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	form = PackageMaintainersForm(formdata=request.form)
 	if request.method == "GET":
@ -470,19 +447,15 @@ def edit_maintainers(package):
 		usernames = [x.strip().lower() for x in form.maintainers_str.data.split(",")]
 		users = User.query.filter(func.lower(User.username).in_(usernames)).all()
 		thread = package.threads.filter_by(author=get_system_user()).first()
 		for user in users:
 			if not user in package.maintainers:
 				if thread:
 					thread.watchers.append(user)
 				addNotification(user, current_user, NotificationType.MAINTAINER,
-						"Added you as a maintainer of {}".format(package.title), package.getURL("packages.view"), package)
+						"Added you as a maintainer of {}".format(package.title), package.getDetailsURL(), package)
 		for user in package.maintainers:
 			if user != package.author and not user in users:
 				addNotification(user, current_user, NotificationType.MAINTAINER,
-						"Removed you as a maintainer of {}".format(package.title), package.getURL("packages.view"), package)
+						"Removed you as a maintainer of {}".format(package.title), package.getDetailsURL(), package)
 		package.maintainers.clear()
 		package.maintainers.extend(users)
@ -490,18 +463,18 @@ def edit_maintainers(package):
 			package.maintainers.append(package.author)
 		msg = "Edited {} maintainers".format(package.title)
-		addNotification(package.author, current_user, NotificationType.MAINTAINER, msg, package.getURL("packages.view"), package)
+		addNotification(package.author, current_user, NotificationType.MAINTAINER, msg, package.getDetailsURL(), package)
 		severity = AuditSeverity.NORMAL if current_user == package.author else AuditSeverity.MODERATION
-		addAuditLog(severity, current_user, msg, package.getURL("packages.view"), package)
+		addAuditLog(severity, current_user, msg, package.getDetailsURL(), package)
 		db.session.commit()
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	users = User.query.filter(User.rank >= UserRank.NEW_MEMBER).order_by(db.asc(User.username)).all()
-	return render_template("packages/edit_maintainers.html", package=package, form=form,
+	return render_template("packages/edit_maintainers.html",
-			users=users, tabs=get_package_tabs(current_user, package), current_tab="maintainers")
+			package=package, form=form, users=users)
@bp.route("/packages/<author>/<name>/remove-self-maintainer/", methods=["POST"])
@ -509,105 +482,45 @@ def edit_maintainers(package):
@is_package_page
 def remove_self_maintainers(package):
 	if not current_user in package.maintainers:
-		flash(gettext("You are not a maintainer"), "danger")
+		flash("You are not a maintainer", "danger")
 	elif current_user == package.author:
-		flash(gettext("Package owners cannot remove themselves as maintainers"), "danger")
+		flash("Package owners cannot remove themselves as maintainers", "danger")
 	else:
 		package.maintainers.remove(current_user)
 		addNotification(package.author, current_user, NotificationType.MAINTAINER,
-				"Removed themself as a maintainer of {}".format(package.title), package.getURL("packages.view"), package)
+				"Removed themself as a maintainer of {}".format(package.title), package.getDetailsURL(), package)
 		db.session.commit()
-	return redirect(package.getURL("packages.view"))
+	return redirect(package.getDetailsURL())
-@bp.route("/packages/<author>/<name>/audit/")
+@bp.route("/packages/<author>/<name>/import-meta/", methods=["POST"])
@login_required
@is_package_page
-def audit(package):
+def update_from_release(package):
-	if not (package.checkPerm(current_user, Permission.EDIT_PACKAGE) or
+	if not package.checkPerm(current_user, Permission.REIMPORT_META):
-			package.checkPerm(current_user, Permission.APPROVE_NEW)):
+		flash("You don't have permission to reimport meta", "danger")
-		abort(403)
+		return redirect(package.getDetailsURL())
-	page = get_int_or_abort(request.args.get("page"), 1)
+	release = package.releases.first()
-	num = min(40, get_int_or_abort(request.args.get("n"), 100))
+	if not release:
 		flash("Release needed", "danger")
 		return redirect(package.getDetailsURL())
-	query = package.audit_log_entries.order_by(db.desc(AuditLogEntry.created_at))
+	msg = "Updated meta from latest release"
 	addNotification(package.maintainers, current_user, NotificationType.PACKAGE_EDIT,
 			msg, package.getDetailsURL(), package)
 	severity = AuditSeverity.NORMAL if current_user in package.maintainers else AuditSeverity.EDITOR
 	addAuditLog(severity, current_user, msg, package.getDetailsURL(), package)
-	pagination = query.paginate(page, num, True)
+	db.session.commit()
 	return render_template("packages/audit.html", log=pagination.items, pagination=pagination,
 		package=package, tabs=get_package_tabs(current_user, package), current_tab="audit")
 	task_id = uuid()
 	zippath = release.url.replace("/uploads/", app.config["UPLOAD_DIR"])
 	checkZipRelease.apply_async((release.id, zippath), task_id=task_id)
-class PackageAliasForm(FlaskForm):
+	return redirect(url_for("tasks.check", id=task_id, r=package.getEditURL()))
 	author  = StringField(lazy_gettext("Author Name"), [InputRequired(), Length(1, 50)])
 	name    = StringField(lazy_gettext("Name (Technical)"), [InputRequired(), Length(1, 100),
 			Regexp("^[a-z0-9_]+$", 0, lazy_gettext("Lower case letters (a-z), digits (0-9), and underscores (_) only"))])
 	submit  = SubmitField(lazy_gettext("Save"))
@bp.route("/packages/<author>/<name>/aliases/")
@rank_required(UserRank.EDITOR)
@is_package_page
 def alias_list(package: Package):
 	return render_template("packages/alias_list.html", package=package)
@bp.route("/packages/<author>/<name>/aliases/new/", methods=["GET", "POST"])
@bp.route("/packages/<author>/<name>/aliases/<int:alias_id>/", methods=["GET", "POST"])
@rank_required(UserRank.EDITOR)
@is_package_page
 def alias_create_edit(package: Package, alias_id: int = None):
 	alias = None
 	if alias_id:
 		alias = PackageAlias.query.get(alias_id)
 		if alias is None or alias.package != package:
 			abort(404)
 	form = PackageAliasForm(request.form, obj=alias)
 	if form.validate_on_submit():
 		if alias is None:
 			alias = PackageAlias()
 			alias.package = package
 			db.session.add(alias)
 		form.populate_obj(alias)
 		db.session.commit()
 		return redirect(package.getURL("packages.alias_list"))
 	return render_template("packages/alias_create_edit.html", package=package, form=form)
@bp.route("/packages/<author>/<name>/share/")
@login_required
@is_package_page
 def share(package):
 	return render_template("packages/share.html", package=package,
 			tabs=get_package_tabs(current_user, package), current_tab="share")
@bp.route("/packages/<author>/<name>/similar/")
@is_package_page
 def similar(package):
 	packages_modnames = {}
 	for metapackage in package.provides:
 		packages_modnames[metapackage] = Package.query.filter(Package.id != package.id,
 				Package.state != PackageState.DELETED) \
 			.filter(Package.provides.any(PackageProvides.c.metapackage_id == metapackage.id)) \
 			.order_by(db.desc(Package.score)) \
 			.all()
 	similar_topics = ForumTopic.query \
 		.filter_by(name=package.name) \
 		.filter(ForumTopic.topic_id != package.forums) \
 		.filter(~ db.exists().where(Package.forums == ForumTopic.topic_id)) \
 		.order_by(db.asc(ForumTopic.name), db.asc(ForumTopic.title)) \
 		.all()
 	return render_template("packages/similar.html", package=package,
 			packages_modnames=packages_modnames, similar_topics=similar_topics)
--- a/app/blueprints/packages/releases.py
+++ b/app/blueprints/packages/releases.py
@ -16,26 +16,17 @@
 from flask import *
 from flask_babel import gettext, lazy_gettext
 from flask_login import login_required
 from flask_wtf import FlaskForm
 from wtforms import *
-from wtforms_sqlalchemy.fields import QuerySelectField
+from wtforms.ext.sqlalchemy.fields import QuerySelectField
 from wtforms.validators import *
 from app.logic.releases import do_create_vcs_release, LogicError, do_create_zip_release
 from app.rediscache import has_key, set_key, make_download_key
 from app.tasks.importtasks import check_update_config
 from app.utils import *
-from . import bp, get_package_tabs
+from . import bp
@bp.route("/packages/<author>/<name>/releases/", methods=["GET", "POST"])
@is_package_page
 def list_releases(package):
 	return render_template("packages/releases_list.html",
 			package=package,
 			tabs=get_package_tabs(current_user, package), current_tab="releases")
 def get_mt_releases(is_max):
@ -49,40 +40,38 @@ def get_mt_releases(is_max):
 class CreatePackageReleaseForm(FlaskForm):
-	title      = StringField(lazy_gettext("Title"), [InputRequired(), Length(1, 30)])
+	title	   = StringField("Title", [InputRequired(), Length(1, 30)])
-	uploadOpt  = RadioField(lazy_gettext("Method"), choices=[("upload", lazy_gettext("File Upload"))], default="upload")
+	uploadOpt  = RadioField ("Method", choices=[("upload", "File Upload")], default="upload")
-	vcsLabel   = StringField(lazy_gettext("Git reference (ie: commit hash, branch, or tag)"), default=None)
+	vcsLabel   = StringField("Git reference (ie: commit hash, branch, or tag)", default=None)
-	fileUpload = FileField(lazy_gettext("File Upload"))
+	fileUpload = FileField("File Upload")
-	min_rel    = QuerySelectField(lazy_gettext("Minimum Minetest Version"), [InputRequired()],
+	min_rel    = QuerySelectField("Minimum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(False), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	max_rel    = QuerySelectField(lazy_gettext("Maximum Minetest Version"), [InputRequired()],
+	max_rel    = QuerySelectField("Maximum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(True), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	submit     = SubmitField(lazy_gettext("Save"))
+	submit	   = SubmitField("Save")
 class EditPackageReleaseForm(FlaskForm):
-	title    = StringField(lazy_gettext("Title"), [InputRequired(), Length(1, 30)])
+	title    = StringField("Title", [InputRequired(), Length(1, 30)])
-	url      = StringField(lazy_gettext("URL"), [Optional()])
+	url      = StringField("URL", [Optional()])
-	task_id  = StringField(lazy_gettext("Task ID"), filters = [lambda x: x or None])
+	task_id  = StringField("Task ID", filters = [lambda x: x or None])
-	approved = BooleanField(lazy_gettext("Is Approved"))
+	approved = BooleanField("Is Approved")
-	min_rel  = QuerySelectField(lazy_gettext("Minimum Minetest Version"), [InputRequired()],
+	min_rel  = QuerySelectField("Minimum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(False), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	max_rel  = QuerySelectField(lazy_gettext("Maximum Minetest Version"), [InputRequired()],
+	max_rel  = QuerySelectField("Maximum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(True), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	submit   = SubmitField(lazy_gettext("Save"))
+	submit   = SubmitField("Save")
@bp.route("/packages/<author>/<name>/releases/new/", methods=["GET", "POST"])
@login_required
@is_package_page
 def create_release(package):
 	if not package.checkPerm(current_user, Permission.MAKE_RELEASE):
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	# Initial form class from post data and default data
 	form = CreatePackageReleaseForm()
 	if package.repo is not None:
-		form["uploadOpt"].choices = [("vcs", gettext("Import from Git")), ("upload", gettext("Upload .zip file"))]
+		form["uploadOpt"].choices = [("vcs", "Import from Git"), ("upload", "Upload .zip file")]
 		if request.method == "GET":
 			form["uploadOpt"].data = "vcs"
 			form.vcsLabel.data = request.args.get("ref")
@ -132,7 +121,7 @@ def download_release(package, id):
 			db.session.commit()
-	return redirect(release.url)
+	return redirect(release.url, code=300)
@bp.route("/packages/<author>/<name>/releases/<id>/", methods=["GET", "POST"])
@ -144,9 +133,9 @@ def edit_release(package, id):
 		abort(404)
 	canEdit	= package.checkPerm(current_user, Permission.MAKE_RELEASE)
-	canApprove = release.checkPerm(current_user, Permission.APPROVE_RELEASE)
+	canApprove = package.checkPerm(current_user, Permission.APPROVE_RELEASE)
 	if not (canEdit or canApprove):
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	# Initial form class from post data and default data
 	form = EditPackageReleaseForm(formdata=request.form, obj=release)
@ -173,21 +162,21 @@ def edit_release(package, id):
 			release.approved = False
 		db.session.commit()
-		return redirect(package.getURL("packages.list_releases"))
+		return redirect(package.getDetailsURL())
 	return render_template("packages/release_edit.html", package=package, release=release, form=form)
 class BulkReleaseForm(FlaskForm):
-	set_min = BooleanField(lazy_gettext("Set Min"))
+	set_min = BooleanField("Set Min")
-	min_rel  = QuerySelectField(lazy_gettext("Minimum Minetest Version"), [InputRequired()],
+	min_rel  = QuerySelectField("Minimum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(False), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	set_max = BooleanField(lazy_gettext("Set Max"))
+	set_max = BooleanField("Set Max")
-	max_rel  = QuerySelectField(lazy_gettext("Maximum Minetest Version"), [InputRequired()],
+	max_rel  = QuerySelectField("Maximum Minetest Version", [InputRequired()],
 			query_factory=lambda: get_mt_releases(True), get_pk=lambda a: a.id, get_label=lambda a: a.name)
-	only_change_none = BooleanField(lazy_gettext("Only change values previously set as none"))
+	only_change_none = BooleanField("Only change values previously set as none")
-	submit   = SubmitField(lazy_gettext("Update"))
+	submit   = SubmitField("Update")
@bp.route("/packages/<author>/<name>/releases/bulk_change/", methods=["GET", "POST"])
@ -195,7 +184,7 @@ class BulkReleaseForm(FlaskForm):
@is_package_page
 def bulk_change_release(package):
 	if not package.checkPerm(current_user, Permission.MAKE_RELEASE):
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	# Initial form class from post data and default data
 	form = BulkReleaseForm()
@ -213,7 +202,7 @@ def bulk_change_release(package):
 		db.session.commit()
-		return redirect(package.getURL("packages.list_releases"))
+		return redirect(package.getDetailsURL())
 	return render_template("packages/release_bulk_change.html", package=package, form=form)
@ -227,25 +216,21 @@ def delete_release(package, id):
 		abort(404)
 	if not release.checkPerm(current_user, Permission.DELETE_RELEASE):
-		return redirect(package.getURL("packages.list_releases"))
+		return redirect(release.getEditURL())
 	db.session.delete(release)
 	db.session.commit()
-	return redirect(package.getURL("packages.view"))
+	return redirect(package.getDetailsURL())
 class PackageUpdateConfigFrom(FlaskForm):
-	trigger = RadioField(lazy_gettext("Trigger"), [InputRequired()],
+	trigger = RadioField("Trigger", [InputRequired()], choices=PackageUpdateTrigger.choices(), coerce=PackageUpdateTrigger.coerce,
-			choices=[(PackageUpdateTrigger.COMMIT, lazy_gettext("New Commit")),
+			default=PackageUpdateTrigger.TAG)
-					(PackageUpdateTrigger.TAG, lazy_gettext("New Tag"))],
+	ref     = StringField("Branch name", [Optional()], default=None)
-			coerce=PackageUpdateTrigger.coerce, default=PackageUpdateTrigger.TAG)
+	action  = RadioField("Action", [InputRequired()], choices=[("notification", "Send notification and mark as outdated"), ("make_release", "Create release")], default="make_release")
-	ref     = StringField(lazy_gettext("Branch name"), [Optional()], default=None)
+	submit  = SubmitField("Save Settings")
-	action  = RadioField(lazy_gettext("Action"), [InputRequired()],
+	disable = SubmitField("Disable Automation")
 			choices=[("notification", lazy_gettext("Send notification and mark as outdated")), ("make_release", lazy_gettext("Create release"))],
 			default="make_release")
 	submit  = SubmitField(lazy_gettext("Save Settings"))
 	disable = SubmitField(lazy_gettext("Disable Automation"))
 def set_update_config(package, form):
@ -284,8 +269,8 @@ def update_config(package):
 		abort(403)
 	if not package.repo:
-		flash(gettext("Please add a Git repository URL in order to set up automatic releases"), "danger")
+		flash("Please add a Git repository URL in order to set up automatic releases", "danger")
-		return redirect(package.getURL("packages.create_edit"))
+		return redirect(package.getEditURL())
 	form = PackageUpdateConfigFrom(obj=package.update_config)
 	if request.method == "GET":
@ -295,12 +280,9 @@ def update_config(package):
 			form.trigger.data = PackageUpdateTrigger.COMMIT
 			form.action.data = "notification"
 		if "trigger" in request.args:
 			form.trigger.data = PackageUpdateTrigger.get(request.args["trigger"])
 	if form.validate_on_submit():
 		if form.disable.data:
-			flash(gettext("Deleted update configuration"), "success")
+			flash("Deleted update configuration", "success")
 			if package.update_config:
 				db.session.delete(package.update_config)
 			db.session.commit()
@ -308,10 +290,10 @@ def update_config(package):
 			set_update_config(package, form)
 		if not form.disable.data and package.releases.count() == 0:
-			flash(gettext("Now, please create an initial release"), "success")
+			flash("Now, please create an initial release", "success")
-			return redirect(package.getURL("packages.create_release"))
+			return redirect(package.getCreateReleaseURL())
-		return redirect(package.getURL("packages.list_releases"))
+		return redirect(package.getDetailsURL())
 	return render_template("packages/update_config.html", package=package, form=form)
@ -324,7 +306,7 @@ def setup_releases(package):
 		abort(403)
 	if package.update_config:
-		return redirect(package.getURL("packages.update_config"))
+		return redirect(package.getUpdateConfigURL())
 	return render_template("packages/release_wizard.html", package=package)
--- a/app/blueprints/packages/reviews.py
+++ b/app/blueprints/packages/reviews.py
@ -13,9 +13,6 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from collections import namedtuple
 from flask_babel import gettext, lazy_gettext
 from . import bp
@ -24,10 +21,8 @@ from flask_login import current_user, login_required
 from flask_wtf import FlaskForm
 from wtforms import *
 from wtforms.validators import *
-from app.models import db, PackageReview, Thread, ThreadReply, NotificationType, PackageReviewVote, Package, UserRank, \
+from app.models import db, PackageReview, Thread, ThreadReply, NotificationType
-	Permission, AuditSeverity
+from app.utils import is_package_page, addNotification, get_int_or_abort
 from app.utils import is_package_page, addNotification, get_int_or_abort, isYes, is_safe_url, rank_required, addAuditLog
 from app.tasks.webhooktasks import post_discord_webhook
@bp.route("/reviews/")
@ -40,19 +35,18 @@ def list_reviews():
 class ReviewForm(FlaskForm):
-	title	= StringField(lazy_gettext("Title"), [InputRequired(), Length(3,100)])
+	title	= StringField("Title", [InputRequired(), Length(3,100)])
-	comment = TextAreaField(lazy_gettext("Comment"), [InputRequired(), Length(10, 2000)])
+	comment = TextAreaField("Comment", [InputRequired(), Length(10, 2000)])
-	recommends = RadioField(lazy_gettext("Private"), [InputRequired()],
+	recommends = RadioField("Private", [InputRequired()], choices=[("yes", "Yes"), ("no", "No")])
-			choices=[("yes", lazy_gettext("Yes")), ("no", lazy_gettext("No"))])
+	submit  = SubmitField("Save")
 	submit  = SubmitField(lazy_gettext("Save"))
@bp.route("/packages/<author>/<name>/review/", methods=["GET", "POST"])
@login_required
@is_package_page
 def review(package):
 	if current_user in package.maintainers:
-		flash(gettext("You can't review your own package!"), "danger")
+		flash("You can't review your own package!", "danger")
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	review = PackageReview.query.filter_by(package=package, author=current_user).first()
@ -114,31 +108,22 @@ def review(package):
 		addNotification(package.maintainers, current_user, type, notif_msg,
 				url_for("threads.view", id=thread.id), package)
 		if was_new:
 			post_discord_webhook.delay(thread.author.username,
 					"Reviewed {}: {}".format(package.title, thread.getViewURL(absolute=True)), False)
 		db.session.commit()
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	return render_template("packages/review_create_edit.html",
 			form=form, package=package, review=review)
-@bp.route("/packages/<author>/<name>/reviews/<reviewer>/delete/", methods=["POST"])
+@bp.route("/packages/<author>/<name>/review/delete/", methods=["POST"])
@login_required
@is_package_page
-def delete_review(package, reviewer):
+def delete_review(package):
-	review = PackageReview.query \
+	review = PackageReview.query.filter_by(package=package, author=current_user).first()
 		.filter(PackageReview.package == package, PackageReview.author.has(username=reviewer)) \
 		.first()
 	if review is None or review.package != package:
 		abort(404)
 	if not review.checkPerm(current_user, Permission.DELETE_REVIEW):
 		abort(403)
 	thread = review.thread
 	reply = ThreadReply()
@ -149,92 +134,10 @@ def delete_review(package, reviewer):
 	thread.review = None
 	msg = "Converted review by {} to thread".format(review.author.display_name)
 	addAuditLog(AuditSeverity.MODERATION if current_user.username != reviewer else AuditSeverity.NORMAL,
 			current_user, msg, thread.getViewURL(), thread.package)
 	notif_msg = "Deleted review '{}', comments were kept as a thread".format(thread.title)
 	addNotification(package.maintainers, current_user, NotificationType.OTHER, notif_msg, url_for("threads.view", id=thread.id), package)
 	db.session.delete(review)
 	package.recalcScore()
 	db.session.commit()
 	return redirect(thread.getViewURL())
 def handle_review_vote(package: Package, review_id: int):
 	if current_user in package.maintainers:
 		flash(gettext("You can't vote on the reviews on your own package!"), "danger")
 		return
 	review: PackageReview = PackageReview.query.get(review_id)
 	if review is None or review.package != package:
 		abort(404)
 	if review.author == current_user:
 		flash(gettext("You can't vote on your own reviews!"), "danger")
 		return
 	is_positive = isYes(request.form["is_positive"])
 	vote = PackageReviewVote.query.filter_by(review=review, user=current_user).first()
 	if vote is None:
 		vote = PackageReviewVote()
 		vote.review = review
 		vote.user = current_user
 		vote.is_positive = is_positive
 		db.session.add(vote)
 	elif vote.is_positive == is_positive:
 		db.session.delete(vote)
 	else:
 		vote.is_positive = is_positive
 	review.update_score()
 	db.session.commit()
@bp.route("/packages/<author>/<name>/review/<int:review_id>/", methods=["POST"])
@login_required
@is_package_page
 def review_vote(package, review_id):
 	handle_review_vote(package, review_id)
 	next_url = request.args.get("r")
 	if next_url and is_safe_url(next_url):
 		return redirect(next_url)
 	else:
 		return redirect(review.thread.getViewURL())
@bp.route("/packages/<author>/<name>/review-votes/")
@rank_required(UserRank.ADMIN)
@is_package_page
 def review_votes(package):
 	user_biases = {}
 	for review in package.reviews:
 		review_sign = 1 if review.recommends else -1
 		for vote in review.votes:
 			user_biases[vote.user.username] = user_biases.get(vote.user.username, [0, 0])
 			vote_sign = 1 if vote.is_positive else -1
 			vote_bias = review_sign * vote_sign
 			if vote_bias == 1:
 				user_biases[vote.user.username][0] += 1
 			else:
 				user_biases[vote.user.username][1] += 1
 	BiasInfo = namedtuple("BiasInfo", "username balance with_ against no_vote perc_with")
 	user_biases_info = []
 	for username, bias in user_biases.items():
 		total_votes = bias[0] + bias[1]
 		balance = bias[0] - bias[1]
 		perc_with = round((100 * bias[0]) / total_votes)
 		user_biases_info.append(BiasInfo(username, balance, bias[0], bias[1], len(package.reviews) - total_votes, perc_with))
 	user_biases_info.sort(key=lambda x: -abs(x.balance))
 	return render_template("packages/review_votes.html", form=form, package=package, reviews=package.reviews,
 			user_biases=user_biases_info)
--- a/app/blueprints/packages/screenshots.py
+++ b/app/blueprints/packages/screenshots.py
@ -16,34 +16,33 @@
 from flask import *
 from flask_babel import gettext, lazy_gettext
 from flask_wtf import FlaskForm
 from flask_login import login_required
 from wtforms import *
-from wtforms_sqlalchemy.fields import QuerySelectField
+from wtforms.ext.sqlalchemy.fields import QuerySelectField
 from wtforms.validators import *
 from app.utils import *
-from . import bp, get_package_tabs
+from . import bp
 from app.logic.LogicError import LogicError
 from app.logic.screenshots import do_create_screenshot, do_order_screenshots
 class CreateScreenshotForm(FlaskForm):
-	title	   = StringField(lazy_gettext("Title/Caption"), [Optional(), Length(-1, 100)])
+	title	   = StringField("Title/Caption", [Optional(), Length(-1, 100)])
-	fileUpload = FileField(lazy_gettext("File Upload"), [InputRequired()])
+	fileUpload = FileField("File Upload", [InputRequired()])
-	submit	   = SubmitField(lazy_gettext("Save"))
+	submit	   = SubmitField("Save")
 class EditScreenshotForm(FlaskForm):
-	title	 = StringField(lazy_gettext("Title/Caption"), [Optional(), Length(-1, 100)])
+	title	 = StringField("Title/Caption", [Optional(), Length(-1, 100)])
-	approved = BooleanField(lazy_gettext("Is Approved"))
+	approved = BooleanField("Is Approved")
-	submit   = SubmitField(lazy_gettext("Save"))
+	submit   = SubmitField("Save")
 class EditPackageScreenshotsForm(FlaskForm):
-	cover_image      = QuerySelectField(lazy_gettext("Cover Image"), [DataRequired()], allow_blank=True, get_pk=lambda a: a.id, get_label=lambda a: a.title)
+	cover_image      = QuerySelectField("Cover Image", [DataRequired()], allow_blank=True, get_pk=lambda a: a.id, get_label=lambda a: a.title)
-	submit	         = SubmitField(lazy_gettext("Save"))
+	submit	         = SubmitField("Save")
@bp.route("/packages/<author>/<name>/screenshots/", methods=["GET", "POST"])
@ -51,10 +50,10 @@ class EditPackageScreenshotsForm(FlaskForm):
@is_package_page
 def screenshots(package):
 	if not package.checkPerm(current_user, Permission.ADD_SCREENSHOTS):
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	if package.screenshots.count() == 0:
-		return redirect(package.getURL("packages.create_screenshot"))
+		return redirect(package.getNewScreenshotURL())
 	form = EditPackageScreenshotsForm(obj=package)
 	form.cover_image.query = package.screenshots
@ -64,7 +63,7 @@ def screenshots(package):
 		if order:
 			try:
 				do_order_screenshots(current_user, package, order.split(","))
-				return redirect(package.getURL("packages.view"))
+				return redirect(package.getDetailsURL())
 			except LogicError as e:
 				flash(e.message, "danger")
@ -72,8 +71,7 @@ def screenshots(package):
 			form.populate_obj(package)
 			db.session.commit()
-	return render_template("packages/screenshots.html", package=package, form=form,
+	return render_template("packages/screenshots.html", package=package, form=form)
 			tabs=get_package_tabs(current_user, package), current_tab="screenshots")
@bp.route("/packages/<author>/<name>/screenshots/new/", methods=["GET", "POST"])
@ -81,14 +79,14 @@ def screenshots(package):
@is_package_page
 def create_screenshot(package):
 	if not package.checkPerm(current_user, Permission.ADD_SCREENSHOTS):
-		return redirect(package.getURL("packages.view"))
+		return redirect(package.getDetailsURL())
 	# Initial form class from post data and default data
 	form = CreateScreenshotForm()
 	if form.validate_on_submit():
 		try:
-			do_create_screenshot(current_user, package, form.title.data, form.fileUpload.data, False)
+			do_create_screenshot(current_user, package, form.title.data, form.fileUpload.data)
-			return redirect(package.getURL("packages.screenshots"))
+			return redirect(package.getEditScreenshotsURL())
 		except LogicError as e:
 			flash(e.message, "danger")
@ -106,7 +104,7 @@ def edit_screenshot(package, id):
 	canEdit	= package.checkPerm(current_user, Permission.ADD_SCREENSHOTS)
 	canApprove = package.checkPerm(current_user, Permission.APPROVE_SCREENSHOT)
 	if not (canEdit or canApprove):
-		return redirect(package.getURL("packages.screenshots"))
+		return redirect(package.getEditScreenshotsURL())
 	# Initial form class from post data and default data
 	form = EditScreenshotForm(obj=screenshot)
@ -122,7 +120,7 @@ def edit_screenshot(package, id):
 			screenshot.approved = wasApproved
 		db.session.commit()
-		return redirect(package.getURL("packages.screenshots"))
+		return redirect(package.getEditScreenshotsURL())
 	return render_template("packages/screenshot_edit.html", package=package, screenshot=screenshot, form=form)
@ -136,7 +134,7 @@ def delete_screenshot(package, id):
 		abort(404)
 	if not package.checkPerm(current_user, Permission.ADD_SCREENSHOTS):
-		flash(gettext("Permission denied"), "danger")
+		flash("Permission denied", "danger")
 		return redirect(url_for("homepage.home"))
 	if package.cover_image == screenshot:
@ -146,4 +144,4 @@ def delete_screenshot(package, id):
 	db.session.delete(screenshot)
 	db.session.commit()
-	return redirect(package.getURL("packages.screenshots"))
+	return redirect(package.getEditScreenshotsURL())
--- a/app/blueprints/report/init.py
+++ b/app/blueprints/report/init.py
@ -1,64 +0,0 @@
 # ContentDB
 # Copyright (C) 2022 rubenwardy
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import Blueprint, request, render_template, url_for
 from flask_babel import lazy_gettext
 from flask_login import current_user
 from flask_wtf import FlaskForm
 from werkzeug.utils import redirect
 from wtforms import TextAreaField, SubmitField
 from wtforms.validators import InputRequired, Length
 from app.models import User, UserRank
 from app.tasks.emails import send_user_email
 from app.tasks.webhooktasks import post_discord_webhook
 from app.utils import isNo, abs_url_samesite
 bp = Blueprint("report", __name__)
 class ReportForm(FlaskForm):
 	message = TextAreaField(lazy_gettext("Message"), [InputRequired(), Length(10, 10000)])
 	submit = SubmitField(lazy_gettext("Report"))
@bp.route("/report/", methods=["GET", "POST"])
 def report():
 	is_anon = not current_user.is_authenticated or not isNo(request.args.get("anon"))
 	url = request.args.get("url")
 	if url:
 		url = abs_url_samesite(url)
 	form = ReportForm(formdata=request.form)
 	if form.validate_on_submit():
 		if current_user.is_authenticated:
 			user_info = f"{current_user.username}"
 		else:
 			user_info = request.headers.get("X-Forwarded-For") or request.remote_addr
 		text = f"{url}\n\n{form.message.data}"
 		task = None
 		for admin in User.query.filter_by(rank=UserRank.ADMIN).all():
 			task = send_user_email.delay(admin.email, admin.locale or "en",
 					f"User report from {user_info}", text)
 		post_discord_webhook.delay(None if is_anon else current_user.username, f"**New Report**\n{url}\n\n{form.message.data}", True)
 		return redirect(url_for("tasks.check", id=task.id, r=url_for("homepage.home")))
 	return render_template("report/index.html", form=form, url=url, is_anon=is_anon)
--- a/app/blueprints/threads/init.py
+++ b/app/blueprints/threads/init.py
@ -14,22 +14,19 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import *
 from flask_babel import gettext, lazy_gettext
 from app.markdown import get_user_mentions, render_markdown
 from app.tasks.webhooktasks import post_discord_webhook
 bp = Blueprint("threads", __name__)
 from flask_login import current_user, login_required
 from app import menu
 from app.models import *
-from app.utils import addNotification, isYes, addAuditLog, get_system_user
+from app.utils import addNotification, isYes, addAuditLog
 from flask_wtf import FlaskForm
 from wtforms import *
 from wtforms.validators import *
 from app.utils import get_int_or_abort
-
+@menu.register_menu(bp, ".threads", "Threads", order=20)
@bp.route("/threads/")
 def list_all():
 	query = Thread.query
@ -61,9 +58,9 @@ def subscribe(id):
 		abort(404)
 	if current_user in thread.watchers:
-		flash(gettext("Already subscribed!"), "success")
+		flash("Already subscribed!", "success")
 	else:
-		flash(gettext("Subscribed to thread"), "success")
+		flash("Subscribed to thread", "success")
 		thread.watchers.append(current_user)
 		db.session.commit()
@ -78,11 +75,11 @@ def unsubscribe(id):
 		abort(404)
 	if current_user in thread.watchers:
-		flash(gettext("Unsubscribed!"), "success")
+		flash("Unsubscribed!", "success")
 		thread.watchers.remove(current_user)
 		db.session.commit()
 	else:
-		flash(gettext("Already not subscribed!"), "success")
+		flash("Already not subscribed!", "success")
 	return redirect(thread.getViewURL())
@ -101,13 +98,13 @@ def set_lock(id):
 	msg = None
 	if thread.locked:
 		msg = "Locked thread '{}'".format(thread.title)
-		flash(gettext("Locked thread"), "success")
+		flash("Locked thread", "success")
 	else:
 		msg = "Unlocked thread '{}'".format(thread.title)
-		flash(gettext("Unlocked thread"), "success")
+		flash("Unlocked thread", "success")
 	addNotification(thread.watchers, current_user, NotificationType.OTHER, msg, thread.getViewURL(), thread.package)
-	addAuditLog(AuditSeverity.MODERATION, current_user, msg, thread.getViewURL(), thread.package)
+	addAuditLog(AuditSeverity.MODERATION, current_user, NotificationType.OTHER, msg, thread.getViewURL(), thread.package)
 	db.session.commit()
@ -153,7 +150,7 @@ def delete_reply(id):
 		abort(404)
 	if thread.replies[0] == reply:
-		flash(gettext("Cannot delete thread opening post!"), "danger")
+		flash("Cannot delete thread opening post!", "danger")
 		return redirect(thread.getViewURL())
 	if not reply.checkPerm(current_user, Permission.DELETE_REPLY):
@ -172,8 +169,8 @@ def delete_reply(id):
 class CommentForm(FlaskForm):
-	comment = TextAreaField(lazy_gettext("Comment"), [InputRequired(), Length(10, 2000)])
+	comment = TextAreaField("Comment", [InputRequired(), Length(10, 2000)])
-	submit  = SubmitField(lazy_gettext("Comment"))
+	submit  = SubmitField("Comment")
@bp.route("/threads/<int:id>/edit/", methods=["GET", "POST"])
@ -214,7 +211,7 @@ def edit_reply(id):
@bp.route("/threads/<int:id>/", methods=["GET", "POST"])
 def view(id):
-	thread: Thread = Thread.query.get(id)
+	thread = Thread.query.get(id)
 	if thread is None or not thread.checkPerm(current_user, Permission.SEE_THREAD):
 		abort(404)
@ -222,11 +219,11 @@ def view(id):
 		comment = request.form["comment"]
 		if not thread.checkPerm(current_user, Permission.COMMENT_THREAD):
-			flash(gettext("You cannot comment on this thread"), "danger")
+			flash("You cannot comment on this thread", "danger")
 			return redirect(thread.getViewURL())
 		if not current_user.canCommentRL():
-			flash(gettext("Please wait before commenting again"), "danger")
+			flash("Please wait before commenting again", "danger")
 			return redirect(thread.getViewURL())
 		if 2000 >= len(comment) > 3:
@ -239,40 +236,23 @@ def view(id):
 			if not current_user in thread.watchers:
 				thread.watchers.append(current_user)
 			for mentioned_username in get_user_mentions(render_markdown(comment)):
 				mentioned = User.query.filter_by(username=mentioned_username)
 				if mentioned is None:
 					continue
 				msg = "Mentioned by {} in '{}'".format(current_user.display_name, thread.title)
 				addNotification(mentioned, current_user, NotificationType.THREAD_REPLY,
 						msg, thread.getViewURL(), thread.package)
 			msg = "New comment on '{}'".format(thread.title)
 			addNotification(thread.watchers, current_user, NotificationType.THREAD_REPLY, msg, thread.getViewURL(), thread.package)
 			if thread.author == get_system_user():
 				approvers = User.query.filter(User.rank >= UserRank.APPROVER).all()
 				addNotification(approvers, current_user, NotificationType.EDITOR_MISC, msg,
 						thread.getViewURL(), thread.package)
 				post_discord_webhook.delay(current_user.username,
 						"Replied to bot messages: {}".format(thread.getViewURL(absolute=True)), True)
 			db.session.commit()
 			return redirect(thread.getViewURL())
 		else:
-			flash(gettext("Comment needs to be between 3 and 2000 characters."), "danger")
+			flash("Comment needs to be between 3 and 2000 characters.")
 	return render_template("threads/view.html", thread=thread)
 class ThreadForm(FlaskForm):
-	title	= StringField(lazy_gettext("Title"), [InputRequired(), Length(3,100)])
+	title	= StringField("Title", [InputRequired(), Length(3,100)])
-	comment = TextAreaField(lazy_gettext("Comment"), [InputRequired(), Length(10, 2000)])
+	comment = TextAreaField("Comment", [InputRequired(), Length(10, 2000)])
-	private = BooleanField(lazy_gettext("Private"))
+	private = BooleanField("Private")
-	submit  = SubmitField(lazy_gettext("Open Thread"))
+	submit  = SubmitField("Open Thread")
@bp.route("/threads/new/", methods=["GET", "POST"])
@ -284,7 +264,7 @@ def new():
 	if "pid" in request.args:
 		package = Package.query.get(int(request.args.get("pid")))
 		if package is None:
-			flash(gettext("Unable to find that package!"), "danger")
+			flash("Unable to find that package!", "danger")
 	# Don't allow making orphan threads on approved packages for now
 	if package is None:
@ -298,19 +278,19 @@ def new():
 	# Check that user can make the thread
 	if not package.checkPerm(current_user, Permission.CREATE_THREAD):
-		flash(gettext("Unable to create thread!"), "danger")
+		flash("Unable to create thread!", "danger")
 		return redirect(url_for("homepage.home"))
 	# Only allow creating one thread when not approved
 	elif is_review_thread and package.review_thread is not None:
-		flash(gettext("An approval thread already exists!"), "danger")
+		flash("A review thread already exists!", "danger")
 		return redirect(package.review_thread.getViewURL())
 	elif not current_user.canOpenThreadRL():
-		flash(gettext("Please wait before opening another thread"), "danger")
+		flash("Please wait before opening another thread", "danger")
 		if package:
-			return redirect(package.getURL("packages.view"))
+			return redirect(package.getDetailsURL())
 		else:
 			return redirect(url_for("homepage.home"))
@ -345,26 +325,16 @@ def new():
 		if is_review_thread:
 			package.review_thread = thread
-		for mentioned_username in get_user_mentions(render_markdown(form.comment.data)):
+			if package.state == PackageState.READY_FOR_REVIEW and current_user not in package.maintainers:
-			mentioned = User.query.filter_by(username=mentioned_username)
+				package.state = PackageState.CHANGES_NEEDED
 			if mentioned is None:
 				continue
 			msg = "Mentioned by {} in new thread '{}'".format(current_user.display_name, thread.title)
 			addNotification(mentioned, current_user, NotificationType.NEW_THREAD,
 							msg, thread.getViewURL(), thread.package)
 		notif_msg = "New thread '{}'".format(thread.title)
 		if package is not None:
 			addNotification(package.maintainers, current_user, NotificationType.NEW_THREAD, notif_msg, thread.getViewURL(), package)
-		approvers = User.query.filter(User.rank >= UserRank.APPROVER).all()
+		editors = User.query.filter(User.rank >= UserRank.EDITOR).all()
-		addNotification(approvers, current_user, NotificationType.EDITOR_MISC, notif_msg, thread.getViewURL(), package)
+		addNotification(editors, current_user, NotificationType.EDITOR_MISC, notif_msg, thread.getViewURL(), package)
 		if is_review_thread:
 			post_discord_webhook.delay(current_user.username,
 					"Opened approval thread: {}".format(thread.getViewURL(absolute=True)), True)
 		db.session.commit()
@ -372,12 +342,3 @@ def new():
 	return render_template("threads/new.html", form=form, allow_private_change=allow_change, package=package)
@bp.route("/users/<username>/comments/")
 def user_comments(username):
 	user = User.query.filter_by(username=username).first()
 	if user is None:
 		abort(404)
 	return render_template("threads/user_comments.html", user=user, replies=user.replies)
--- a/app/blueprints/todo/init.py
+++ b/app/blueprints/todo/init.py
@ -17,7 +17,7 @@
 from celery import uuid
 from flask import *
 from flask_login import current_user, login_required
-from sqlalchemy import or_, and_
+from sqlalchemy import or_
 from app.models import *
 from app.querybuilder import QueryBuilder
@ -63,24 +63,18 @@ def view_editor():
 		else:
 			abort(400)
 	license_needed = Package.query \
 		.filter(Package.state.in_([PackageState.READY_FOR_REVIEW, PackageState.APPROVED])) \
 		.filter(or_(Package.license.has(License.name.like("Other %")),
 			Package.media_license.has(License.name.like("Other %")))) \
 		.all()
 	total_packages = Package.query.filter_by(state=PackageState.APPROVED).count()
 	total_to_tag = Package.query.filter_by(state=PackageState.APPROVED, tags=None).count()
 	unfulfilled_meta_packages = MetaPackage.query \
 			.filter(~ MetaPackage.packages.any(state=PackageState.APPROVED)) \
-			.filter(MetaPackage.dependencies.any(Package.state == PackageState.APPROVED, optional=False)) \
+			.filter(MetaPackage.dependencies.any(optional=False)) \
 			.order_by(db.asc(MetaPackage.name)).count()
 	return render_template("todo/editor.html", current_tab="editor",
 			packages=packages, wip_packages=wip_packages, releases=releases, screenshots=screenshots,
 			canApproveNew=canApproveNew, canApproveRel=canApproveRel, canApproveScn=canApproveScn,
-			license_needed=license_needed, total_packages=total_packages, total_to_tag=total_to_tag,
+			total_packages=total_packages, total_to_tag=total_to_tag,
 			unfulfilled_meta_packages=unfulfilled_meta_packages)
@ -99,7 +93,7 @@ def topics():
 	page  = get_int_or_abort(request.args.get("page"), 1)
 	num   = get_int_or_abort(request.args.get("n"), 100)
-	if num > 100 and not current_user.rank.atLeast(UserRank.APPROVER):
+	if num > 100 and not current_user.rank.atLeast(UserRank.EDITOR):
 		num = 100
 	query = query.paginate(page, num, True)
@ -123,14 +117,9 @@ def tags():
 	qb.setSortIfNone("score", "desc")
 	query = qb.buildPackageQuery()
 	only_no_tags = isYes(request.args.get("no_tags"))
 	if only_no_tags:
 		query = query.filter(Package.tags==None)
 	tags = Tag.query.order_by(db.asc(Tag.title)).all()
-	return render_template("todo/tags.html", current_tab="tags", packages=query.all(), \
+	return render_template("todo/tags.html", current_tab="tags", packages=query.all(), tags=tags)
 			tags=tags, only_no_tags=only_no_tags)
@bp.route("/user/tags/")
@ -160,7 +149,7 @@ def view_user(username=None):
 	if not user:
 		abort(404)
-	if current_user != user and not current_user.rank.atLeast(UserRank.APPROVER):
+	if current_user != user and not current_user.rank.atLeast(UserRank.EDITOR):
 		abort(403)
 	unapproved_packages = user.packages \
@ -168,11 +157,6 @@ def view_user(username=None):
 			Package.state == PackageState.CHANGES_NEEDED)) \
 		.order_by(db.asc(Package.created_at)).all()
 	packages_with_small_screenshots = user.maintained_packages \
 		.filter(Package.screenshots.any(and_(PackageScreenshot.width < PackageScreenshot.SOFT_MIN_SIZE[0],
 				PackageScreenshot.height < PackageScreenshot.SOFT_MIN_SIZE[1]))) \
 		.all()
 	outdated_packages = user.maintained_packages \
 			.filter(Package.state != PackageState.DELETED,
 					Package.update_config.has(PackageUpdateConfig.outdated_at.isnot(None))) \
@ -185,14 +169,12 @@ def view_user(username=None):
 			.all()
 	needs_tags = user.maintained_packages \
-		.filter(Package.state != PackageState.DELETED, Package.tags==None) \
+		.filter(Package.state != PackageState.DELETED) \
-		.order_by(db.asc(Package.title)).all()
+		.filter_by(tags=None).order_by(db.asc(Package.title)).all()
 	return render_template("todo/user.html", current_tab="user", user=user,
 			unapproved_packages=unapproved_packages, outdated_packages=outdated_packages,
-			needs_tags=needs_tags, topics_to_add=topics_to_add,
+			needs_tags=needs_tags, topics_to_add=topics_to_add)
 			packages_with_small_screenshots=packages_with_small_screenshots,
 			screenshot_min_size=PackageScreenshot.HARD_MIN_SIZE, screenshot_rec_size=PackageScreenshot.SOFT_MIN_SIZE)
@bp.route("/users/<username>/update-configs/apply-all/", methods=["POST"])
@ -234,8 +216,8 @@ def apply_all_updates(username):
 		msg = "Created release {} (Applied all Git Update Detection)".format(rel.title)
 		addNotification(package.maintainers, current_user, NotificationType.PACKAGE_EDIT, msg,
-				rel.getURL("packages.create_edit"), package)
+				rel.getEditURL(), package)
-		addAuditLog(AuditSeverity.NORMAL, current_user, msg, package.getURL("packages.view"), package)
+		addAuditLog(AuditSeverity.NORMAL, current_user, msg, package.getDetailsURL(), package)
 		db.session.commit()
 	return redirect(url_for("todo.view_user", username=username))
--- a/app/blueprints/users/account.py
+++ b/app/blueprints/users/account.py
@ -15,9 +15,7 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask import *
 from flask_babel import gettext, lazy_gettext, get_locale
 from flask_login import current_user, login_required, logout_user, login_user
 from flask_wtf import FlaskForm
 from sqlalchemy import or_
@ -26,24 +24,23 @@ from wtforms.validators import *
 from app.models import *
 from app.tasks.emails import send_verify_email, send_anon_email, send_unsubscribe_verify, send_user_email
-from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, \
+from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, nonEmptyOrNone
 	nonEmptyOrNone, post_login, is_username_valid
 from passlib.pwd import genphrase
 from . import bp
 class LoginForm(FlaskForm):
-	username = StringField(lazy_gettext("Username or email"), [InputRequired()])
+	username = StringField("Username or email", [InputRequired()])
-	password = PasswordField(lazy_gettext("Password"), [InputRequired(), Length(6, 100)])
+	password = PasswordField("Password", [InputRequired(), Length(6, 100)])
-	remember_me = BooleanField(lazy_gettext("Remember me"), default=True)
+	remember_me = BooleanField("Remember me", default=True)
-	submit = SubmitField(lazy_gettext("Sign in"))
+	submit = SubmitField("Sign in")
 def handle_login(form):
 	def show_safe_err(err):
 		if "@" in username:
-			flash(gettext("Incorrect email or password"), "danger")
+			flash("Incorrect email or password", "danger")
 		else:
 			flash(err, "danger")
@ -51,24 +48,27 @@ def handle_login(form):
 	username = form.username.data.strip()
 	user = User.query.filter(or_(User.username == username, User.email == username)).first()
 	if user is None:
-		return show_safe_err(gettext(u"User %(username)s does not exist", username=username))
+		return show_safe_err("User {} does not exist".format(username))
 	if not check_password_hash(user.password, form.password.data):
-		return show_safe_err(gettext(u"Incorrect password. Did you set one?"))
+		return show_safe_err("Incorrect password. Did you set one?")
 	if not user.is_active:
-		flash(gettext("You need to confirm the registration email"), "danger")
+		flash("You need to confirm the registration email", "danger")
 		return
 	addAuditLog(AuditSeverity.USER, user, "Logged in using password",
 			url_for("users.profile", username=user.username))
 	db.session.commit()
-	if not login_user(user, remember=form.remember_me.data):
+	login_user(user, remember=form.remember_me.data)
-		flash(gettext("Login failed"), "danger")
+	flash("Logged in successfully.", "success")
 		return
-	return post_login(user, request.args.get("next"))
+	next = request.args.get("next")
 	if next and not is_safe_url(next):
 		abort(400)
 	return redirect(next or url_for("homepage.home"))
@bp.route("/user/login/", methods=["GET", "POST"])
@ -100,63 +100,42 @@ def logout():
 class RegisterForm(FlaskForm):
-	display_name = StringField(lazy_gettext("Display Name"), [Optional(), Length(1, 20)], filters=[nonEmptyOrNone])
+	username = StringField("Username", [InputRequired()])
-	username = StringField(lazy_gettext("Username"), [InputRequired(),
+	email = StringField("Email", [InputRequired(), Email()])
-					Regexp("^[a-zA-Z0-9._-]+$", message=lazy_gettext("Only a-zA-Z0-9._ allowed"))])
+	password = PasswordField("Password", [InputRequired(), Length(6, 100)])
-	email    = StringField(lazy_gettext("Email"), [InputRequired(), Email()])
+	submit = SubmitField("Register")
 	password = PasswordField(lazy_gettext("Password"), [InputRequired(), Length(6, 100)])
 	question  = StringField(lazy_gettext("What is the result of the above calculation?"), [InputRequired()])
 	agree    = BooleanField(lazy_gettext("I agree"), [DataRequired()])
 	submit   = SubmitField(lazy_gettext("Register"))
 def handle_register(form):
 	if form.question.data.strip().lower() != "19":
 		flash(gettext("Incorrect captcha answer"), "danger")
 		return
 	if not is_username_valid(form.username.data):
 		flash(gettext("Username is invalid"))
 		return
 	user_by_name = User.query.filter(or_(
 			User.username == form.username.data,
 			User.username == form.display_name.data,
 			User.display_name == form.display_name.data,
 			User.forums_username == form.username.data,
 			User.github_username == form.username.data)).first()
 	if user_by_name:
 		if user_by_name.rank == UserRank.NOT_JOINED and user_by_name.forums_username:
-			flash(gettext("An account already exists for that username but hasn't been claimed yet."), "danger")
+			flash("An account already exists for that username but hasn't been claimed yet.", "danger")
 			return redirect(url_for("users.claim_forums", username=user_by_name.forums_username))
 		else:
-			flash(gettext("That username/display name is already in use, please choose another."), "danger")
+			flash("That username is already in use, please choose another.", "danger")
 			return
 	alias_by_name = PackageAlias.query.filter(or_(
 			PackageAlias.author==form.username.data,
 			PackageAlias.author==form.display_name.data)).first()
 	if alias_by_name:
 		flash(gettext("That username/display name is already in use, please choose another."), "danger")
 		return
 	user_by_email = User.query.filter_by(email=form.email.data).first()
 	if user_by_email:
-		send_anon_email.delay(form.email.data, get_locale().language, gettext("Email already in use"),
+		send_anon_email.delay(form.email.data, "Email already in use",
-			gettext("We were unable to create the account as the email is already in use by %(display_name)s. Try a different email address.",
+				"We were unable to create the account as the email is already in use by {}. Try a different email address.".format(
-					display_name=user_by_email.display_name))
+						user_by_email.display_name))
-		return redirect(url_for("users.email_sent"))
+		flash("Check your email address to verify your account", "success")
 		return redirect(url_for("homepage.home"))
 	elif EmailSubscription.query.filter_by(email=form.email.data, blacklisted=True).count() > 0:
-		flash(gettext("That email address has been unsubscribed/blacklisted, and cannot be used"), "danger")
+		flash("That email address has been unsubscribed/blacklisted, and cannot be used", "danger")
 		return
 	user = User(form.username.data, False, form.email.data, make_flask_login_password(form.password.data))
 	user.notification_preferences = UserNotificationPreferences(user)
 	if form.display_name.data:
 		user.display_name = form.display_name.data
 	db.session.add(user)
-	addAuditLog(AuditSeverity.USER, user, "Registered with email, display name=" + user.display_name,
+	addAuditLog(AuditSeverity.USER, user, "Registered with email",
 			url_for("users.profile", username=user.username))
 	token = randomString(32)
@ -168,9 +147,10 @@ def handle_register(form):
 	db.session.add(ver)
 	db.session.commit()
-	send_verify_email.delay(form.email.data, token, get_locale().language)
+	send_verify_email.delay(form.email.data, token)
-	return redirect(url_for("users.email_sent"))
+	flash("Check your email address to verify your account", "success")
 	return redirect(url_for("homepage.home"))
@bp.route("/user/register/", methods=["GET", "POST"])
@ -181,13 +161,12 @@ def register():
 		if ret:
 			return ret
-	return render_template("users/register.html", form=form,
+	return render_template("users/register.html", form=form, suggested_password=genphrase(entropy=52, wordset="bip39"))
 			suggested_password=genphrase(entropy=52, wordset="bip39"))
 class ForgotPasswordForm(FlaskForm):
-	email = StringField(lazy_gettext("Email"), [InputRequired(), Email()])
+	email = StringField("Email", [InputRequired(), Email()])
-	submit = SubmitField(lazy_gettext("Reset Password"))
+	submit = SubmitField("Reset Password")
@bp.route("/user/forgot-password/", methods=["GET", "POST"])
 def forgot_password():
@ -209,37 +188,42 @@ def forgot_password():
 			db.session.add(ver)
 			db.session.commit()
-			send_verify_email.delay(form.email.data, token, get_locale().language)
+			send_verify_email.delay(form.email.data, token)
 		else:
-			html = render_template("emails/unable_to_find_account.html")
+			send_anon_email.delay(email, "Unable to find account", """
-			send_anon_email.delay(email, get_locale().language, gettext("Unable to find account"),
+					<p>
-					html, html)
+						We were unable to perform the password reset as we could not find an account
 						associated with this email.
 					</p>
 					<p>
 						If you weren't expecting to receive this email, then you can safely ignore it.
 					</p>
 			""")
-		return redirect(url_for("users.email_sent"))
+		flash("Check your email address to continue the reset", "success")
 		return redirect(url_for("homepage.home"))
 	return render_template("users/forgot_password.html", form=form)
 class SetPasswordForm(FlaskForm):
-	email = StringField(lazy_gettext("Email"), [Optional(), Email()])
+	email = StringField("Email", [Optional(), Email()])
-	password = PasswordField(lazy_gettext("New password"), [InputRequired(), Length(8, 100)])
+	password = PasswordField("New password", [InputRequired(), Length(8, 100)])
-	password2 = PasswordField(lazy_gettext("Verify password"), [InputRequired(), Length(8, 100),
+	password2 = PasswordField("Verify password", [InputRequired(), Length(8, 100), validators.EqualTo('password', message='Passwords must match')])
-			validators.EqualTo('password', message=lazy_gettext('Passwords must match'))])
+	submit = SubmitField("Save")
 	submit = SubmitField(lazy_gettext("Save"))
 class ChangePasswordForm(FlaskForm):
-	old_password = PasswordField(lazy_gettext("Old password"), [InputRequired(), Length(8, 100)])
+	old_password = PasswordField("Old password", [InputRequired(), Length(8, 100)])
-	password = PasswordField(lazy_gettext("New password"), [InputRequired(), Length(8, 100)])
+	password = PasswordField("New password", [InputRequired(), Length(8, 100)])
-	password2 = PasswordField(lazy_gettext("Verify password"), [InputRequired(), Length(8, 100),
+	password2 = PasswordField("Verify password", [InputRequired(), Length(8, 100), validators.EqualTo('password', message='Passwords must match')])
-			validators.EqualTo('password', message=lazy_gettext('Passwords must match'))])
+	submit = SubmitField("Save")
 	submit = SubmitField(lazy_gettext("Save"))
 def handle_set_password(form):
 	one = form.password.data
 	two = form.password2.data
 	if one != two:
-		flash(gettext("Passwords do not match"), "danger")
+		flash("Passwords do not much", "danger")
 		return
 	addAuditLog(AuditSeverity.USER, current_user, "Changed their password", url_for("users.profile", username=current_user.username))
@ -250,31 +234,19 @@ def handle_set_password(form):
 		newEmail = nonEmptyOrNone(form.email.data)
 		if newEmail and newEmail != current_user.email:
 			if EmailSubscription.query.filter_by(email=form.email.data, blacklisted=True).count() > 0:
-				flash(gettext(u"That email address has been unsubscribed/blacklisted, and cannot be used"), "danger")
+				flash("That email address has been unsubscribed/blacklisted, and cannot be used", "danger")
 				return
-			user_by_email = User.query.filter_by(email=form.email.data).first()
+			token = randomString(32)
 			if user_by_email:
 				send_anon_email.delay(form.email.data, get_locale().language, gettext("Email already in use"),
 					gettext(u"We were unable to create the account as the email is already in use by %(display_name)s. Try a different email address.",
 							display_name=user_by_email.display_name))
 			else:
 				token = randomString(32)
-				ver = UserEmailVerification()
+			ver = UserEmailVerification()
-				ver.user = current_user
+			ver.user = current_user
-				ver.token = token
+			ver.token = token
-				ver.email = newEmail
+			ver.email = newEmail
-				db.session.add(ver)
+			db.session.add(ver)
 				db.session.commit()
 				send_verify_email.delay(form.email.data, token, get_locale().language)
 			flash(gettext("Your password has been changed successfully."), "success")
 			return redirect(url_for("users.email_sent"))
 	db.session.commit()
-	flash(gettext("Your password has been changed successfully."), "success")
+	flash("Your password has been changed successfully.", "success")
 	return redirect(url_for("homepage.home"))
@ -289,7 +261,7 @@ def change_password():
 			if ret:
 				return ret
 		else:
-			flash(gettext("Old password is incorrect"), "danger")
+			flash("Old password is incorrect", "danger")
 	return render_template("users/change_set_password.html", form=form,
 			suggested_password=genphrase(entropy=52, wordset="bip39"))
@ -317,17 +289,9 @@ def set_password():
@bp.route("/user/verify/")
 def verify_email():
 	token = request.args.get("token")
-	ver: UserEmailVerification = UserEmailVerification.query.filter_by(token=token).first()
+	ver : UserEmailVerification = UserEmailVerification.query.filter_by(token=token).first()
 	if ver is None:
-		flash(gettext("Unknown verification token!"), "danger")
+		flash("Unknown verification token!", "danger")
 		return redirect(url_for("homepage.home"))
 	delta = (datetime.datetime.now() - ver.created_at)
 	delta: datetime.timedelta
 	if delta.total_seconds() > 12*60*60:
 		flash(gettext("Token has expired"), "danger")
 		db.session.delete(ver)
 		db.session.commit()
 		return redirect(url_for("homepage.home"))
 	user = ver.user
@ -339,16 +303,15 @@ def verify_email():
 	if ver.email and user.email != ver.email:
 		if User.query.filter_by(email=ver.email).count() > 0:
-			flash(gettext("Another user is already using that email"), "danger")
+			flash("Another user is already using that email", "danger")
 			return redirect(url_for("homepage.home"))
-		flash(gettext("Confirmed email change"), "success")
+		flash("Confirmed email change", "success")
 		if user.email:
 			send_user_email.delay(user.email,
-					user.locale or "en",
+					"Email address changed",
-					gettext("Email address changed"),
+					"Your email address has changed. If you didn't request this, please contact an administrator.")
 					gettext("Your email address has changed. If you didn't request this, please contact an administrator."))
 	user.is_active = True
 	user.email = ver.email
@ -366,15 +329,15 @@ def verify_email():
 	if current_user.is_authenticated:
 		return redirect(url_for("users.profile", username=current_user.username))
 	elif was_activating:
-		flash(gettext("You may now log in"), "success")
+		flash("You may now log in", "success")
 		return redirect(url_for("users.login"))
 	else:
 		return redirect(url_for("homepage.home"))
 class UnsubscribeForm(FlaskForm):
-	email = StringField(lazy_gettext("Email"), [InputRequired(), Email()])
+	email = StringField("Email", [InputRequired(), Email()])
-	submit = SubmitField(lazy_gettext("Send"))
+	submit = SubmitField("Send")
 def unsubscribe_verify():
@ -388,9 +351,10 @@ def unsubscribe_verify():
 		sub.token = randomString(32)
 		db.session.commit()
-		send_unsubscribe_verify.delay(form.email.data, get_locale().language)
+		send_unsubscribe_verify.delay(form.email.data)
-		return redirect(url_for("users.email_sent"))
+		flash("Check your email address to continue the unsubscribe", "success")
 		return redirect(url_for("homepage.home"))
 	return render_template("users/unsubscribe.html", form=form)
@ -405,7 +369,7 @@ def unsubscribe_manage(sub: EmailSubscription):
 		sub.blacklisted = True
 		db.session.commit()
-		flash(gettext("That email is now blacklisted. Please contact an admin if you wish to undo this."), "success")
+		flash("That email is now blacklisted. Please contact an admin if you wish to undo this.", "success")
 		return redirect(url_for("homepage.home"))
 	return render_template("users/unsubscribe.html", user=user)
@ -420,8 +384,3 @@ def unsubscribe():
 			return unsubscribe_manage(sub)
 	return unsubscribe_verify()
@bp.route("/email_sent/")
 def email_sent():
 	return render_template("users/email_sent.html")
--- a/app/blueprints/users/claim.py
+++ b/app/blueprints/users/claim.py
@ -13,14 +13,19 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 from flask_babel import gettext
 from . import bp
 from flask import redirect, render_template, session, request, flash, url_for
 from app.models import db, User, UserRank
-from app.utils import randomString, login_user_set_active, is_username_valid
+from app.utils import randomString, login_user_set_active
 from app.tasks.forumtasks import checkForumAccount
 from app.utils.phpbbparser import getProfile
 import re
 def check_username(username):
 	return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username)
@bp.route("/user/claim/", methods=["GET", "POST"])
@ -36,17 +41,17 @@ def claim_forums():
 	else:
 		method = request.args.get("method")
-		if not is_username_valid(username):
+		if not check_username(username):
-			flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
+			flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
 			return redirect(url_for("users.claim_forums"))
 		user = User.query.filter_by(forums_username=username).first()
 		if user and user.rank.atLeast(UserRank.NEW_MEMBER):
-			flash(gettext("User has already been claimed"), "danger")
+			flash("User has already been claimed", "danger")
 			return redirect(url_for("users.claim_forums"))
 		elif method == "github":
 			if user is None or user.github_username is None:
-				flash(gettext("Unable to get GitHub username for user"), "danger")
+				flash("Unable to get GitHub username for user", "danger")
 				return redirect(url_for("users.claim_forums", username=username))
 			else:
 				return redirect(url_for("github.start"))
@ -61,15 +66,15 @@ def claim_forums():
 		ctype	= request.form.get("claim_type")
 		username = request.form.get("username")
-		if not is_username_valid(username):
+		if not check_username(username):
-			flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
+			flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
 		elif ctype == "github":
 			task = checkForumAccount.delay(username)
 			return redirect(url_for("tasks.check", id=task.id, r=url_for("users.claim_forums", username=username, method="github")))
 		elif ctype == "forum":
 			user = User.query.filter_by(forums_username=username).first()
 			if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
-				flash(gettext("That user has already been claimed!"), "danger")
+				flash("That user has already been claimed!", "danger")
 				return redirect(url_for("users.claim_forums"))
 			# Get signature
@ -83,11 +88,11 @@ def claim_forums():
 				else:
 					message = str(e)
-				flash(gettext(u"Error whilst attempting to access forums: %(message)s", message=message), "danger")
+				flash("Error whilst attempting to access forums: " + message, "danger")
 				return redirect(url_for("users.claim_forums", username=username))
 			if profile is None:
-				flash(gettext("Unable to get forum signature - does the user exist?"), "danger")
+				flash("Unable to get forum signature - does the user exist?", "danger")
 				return redirect(url_for("users.claim_forums", username=username))
 			# Look for key
@ -100,17 +105,16 @@ def claim_forums():
 					db.session.add(user)
 					db.session.commit()
-				ret = login_user_set_active(user, remember=True)
+				if login_user_set_active(user, remember=True):
-				if ret is None:
+					return redirect(url_for("users.set_password"))
-					flash(gettext("Unable to login as user"), "danger")
+				else:
 					flash("Unable to login as user", "danger")
 					return redirect(url_for("users.claim_forums", username=username))
 				return ret
 			else:
-				flash(gettext("Could not find the key in your signature!"), "danger")
+				flash("Could not find the key in your signature!", "danger")
 				return redirect(url_for("users.claim_forums", username=username))
 		else:
-			flash(gettext("Unknown claim type"), "danger")
+			flash("Unknown claim type", "danger")
 	return render_template("users/claim_forums.html", username=username, key="cdb_" + token)
--- a/app/blueprints/users/profile.py
+++ b/app/blueprints/users/profile.py
@ -14,11 +14,8 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 import math
 from typing import Optional
 from flask import *
 from flask_babel import gettext
 from flask_login import current_user, login_required
 from sqlalchemy import func
@ -46,190 +43,19 @@ def by_forums_username(username):
 	return render_template("users/forums_no_such_user.html", username=username)
 class Medal:
 	description: str
 	color: Optional[str]
 	icon: str
 	title: Optional[str]
 	progress: Optional[Tuple[int, int]]
 	def __init__(self, description: str, **kwargs):
 		self.description = description
 		self.color = kwargs.get("color", "white")
 		self.icon = kwargs.get("icon", None)
 		self.title = kwargs.get("title", None)
 		self.progress = kwargs.get("progress", None)
 	@classmethod
 	def make_unlocked(cls, color: str, icon: str, title: str, description: str):
 		return Medal(description=description, color=color, icon=icon, title=title)
 	@classmethod
 	def make_locked(cls, description: str, progress: Tuple[int, int]):
 		return Medal(description=description, progress=progress)
 def place_to_color(place: int) -> str:
 	if place == 1:
 		return "gold"
 	elif place == 2:
 		return "#888"
 	elif place == 3:
 		return "#cd7f32"
 	else:
 		return "white"
 def get_user_medals(user: User) -> Tuple[List[Medal], List[Medal]]:
 	unlocked = []
 	locked = []
 	#
 	# REVIEWS
 	#
 	users_by_reviews = db.session.query(User.username, func.sum(PackageReview.score).label("karma")) \
 		.select_from(User).join(PackageReview) \
 		.group_by(User.username).order_by(text("karma DESC")).all()
 	try:
 		review_boundary = users_by_reviews[math.floor(len(users_by_reviews) * 0.25)][1] + 1
 	except IndexError:
 		review_boundary = None
 	usernames_by_reviews = [username for username, _ in users_by_reviews]
 	review_idx = None
 	review_percent = None
 	review_karma = 0
 	try:
 		review_idx = usernames_by_reviews.index(user.username)
 		review_percent = round(100 * review_idx / len(users_by_reviews), 1)
 		review_karma = max(users_by_reviews[review_idx][1], 0)
 	except ValueError:
 		pass
 	if review_percent is not None and review_percent < 25:
 		if review_idx == 0:
 			title = gettext(u"Top reviewer")
 			description = gettext(
 					u"%(display_name)s has written the most helpful reviews on ContentDB.",
 					display_name=user.display_name)
 		elif review_idx <= 2:
 			if review_idx == 1:
 				title = gettext(u"2nd most helpful reviewer")
 			else:
 				title = gettext(u"3rd most helpful reviewer")
 			description = gettext(
 					u"This puts %(display_name)s in the top %(perc)s%%",
 					display_name=user.display_name, perc=review_percent)
 		else:
 			title = gettext(u"Top %(perc)s%% reviewer", perc=review_percent)
 			description = gettext(u"Only %(place)d users have written more helpful reviews.", place=review_idx)
 		unlocked.append(Medal.make_unlocked(
 				place_to_color(review_idx + 1), "fa-star-half-alt", title, description))
 	else:
 		description = gettext(u"Consider writing more helpful reviews to get a medal.")
 		if review_idx:
 			description += " " + gettext(u"You are in place %(place)s.", place=review_idx + 1)
 		locked.append(Medal.make_locked(
 				description, (review_karma, review_boundary)))
 	#
 	# TOP PACKAGES
 	#
 	all_package_ranks = db.session.query(
 			Package.type,
 			Package.author_id,
 			func.rank().over(
 					order_by=db.desc(Package.score),
 					partition_by=Package.type) \
 				.label("rank")).order_by(db.asc(text("rank"))) \
 		.filter_by(state=PackageState.APPROVED).subquery()
 	user_package_ranks = db.session.query(all_package_ranks) \
 		.filter_by(author_id=user.id) \
 		.filter(text("rank <= 30")) \
 		.all()
 	user_package_ranks = next(
 			(x for x in user_package_ranks if x[0] == PackageType.MOD or x[2] <= 10),
 			None)
 	if user_package_ranks:
 		top_rank = user_package_ranks[2]
 		top_type = PackageType.coerce(user_package_ranks[0])
 		if top_rank == 1:
 			title = gettext(u"Top %(type)s", type=top_type.text.lower())
 		else:
 			title = gettext(u"Top %(group)d %(type)s", group=top_rank, type=top_type.text.lower())
 		if top_type == PackageType.MOD:
 			icon = "fa-box"
 		elif top_type == PackageType.GAME:
 			icon = "fa-gamepad"
 		else:
 			icon = "fa-paint-brush"
 		description = gettext(u"%(display_name)s has a %(type)s placed at #%(place)d.",
 				display_name=user.display_name, type=top_type.text.lower(), place=top_rank)
 		unlocked.append(
 				Medal.make_unlocked(place_to_color(top_rank), icon, title, description))
 	#
 	# DOWNLOADS
 	#
 	total_downloads = db.session.query(func.sum(Package.downloads)) \
 		.select_from(User) \
 		.join(User.packages) \
 		.filter(User.id == user.id,
 			Package.state == PackageState.APPROVED).scalar()
 	if total_downloads is None:
 		pass
 	elif total_downloads < 50000:
 		description = gettext(u"Your packages have %(downloads)d downloads in total.", downloads=total_downloads)
 		description += " " + gettext(u"First medal is at 50k.")
 		locked.append(Medal.make_locked(description, (total_downloads, 50000)))
 	else:
 		if total_downloads >= 300000:
 			place = 1
 			title = gettext(u">300k downloads")
 		elif total_downloads >= 100000:
 			place = 2
 			title = gettext(u">100k downloads")
 		elif total_downloads >= 75000:
 			place = 3
 			title = gettext(u">75k downloads")
 		else:
 			place = 10
 			title = gettext(u">50k downloads")
 		description = gettext(u"Has received %(downloads)d downloads across all packages.",
 				display_name=user.display_name, downloads=total_downloads)
 		unlocked.append(Medal.make_unlocked(place_to_color(place), "fa-users", title, description))
 	return unlocked, locked
@bp.route("/users/<username>/")
 def profile(username):
 	user = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
 	packages = user.packages.filter(Package.state != PackageState.DELETED)
 	if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
-		packages = user.packages.filter_by(state=PackageState.APPROVED)
+		packages = packages.filter_by(state=PackageState.APPROVED)
-		maintained_packages = user.maintained_packages.filter_by(state=PackageState.APPROVED)
+	packages = packages.order_by(db.asc(Package.title))
 	else:
 		packages = user.packages.filter(Package.state != PackageState.DELETED)
 		maintained_packages = user.maintained_packages.filter(Package.state != PackageState.DELETED)
 	packages = packages.order_by(db.asc(Package.title)).all()
 	maintained_packages = maintained_packages \
 		.filter(Package.author != user) \
 		.order_by(db.asc(Package.title)).all()
 	unlocked, locked = get_user_medals(user)
 	# Process GET or invalid POST
-	return render_template("users/profile.html", user=user,
+	return render_template("users/profile.html", user=user, packages=packages)
 			packages=packages, maintained_packages=maintained_packages,
 			medals_unlocked=unlocked, medals_locked=locked)
@bp.route("/users/<username>/check/", methods=["POST"])
--- a/app/blueprints/users/settings.py
+++ b/app/blueprints/users/settings.py
@ -1,8 +1,6 @@
 from flask import *
 from flask_babel import gettext, lazy_gettext, get_locale
 from flask_login import current_user, login_required, logout_user
 from flask_wtf import FlaskForm
 from sqlalchemy import or_
 from wtforms import *
 from wtforms.validators import *
@ -13,79 +11,34 @@ from . import bp
 def get_setting_tabs(user):
-	ret = [
+	return [
 		{
 			"id": "edit_profile",
-			"title": gettext("Edit Profile"),
+			"title": "Edit Profile",
 			"url": url_for("users.profile_edit", username=user.username)
 		},
 		{
 			"id": "account",
-			"title": gettext("Account and Security"),
+			"title": "Account and Security",
 			"url": url_for("users.account", username=user.username)
 		},
 		{
 			"id": "notifications",
-			"title": gettext("Email and Notifications"),
+			"title": "Email and Notifications",
 			"url": url_for("users.email_notifications", username=user.username)
 		},
 		{
 			"id": "api_tokens",
-			"title": gettext("API Tokens"),
+			"title": "API Tokens",
 			"url": url_for("api.list_tokens", username=user.username)
 		},
 	]
 	if current_user.rank.atLeast(UserRank.MODERATOR):
 		ret.append({
 			"id": "modtools",
 			"title": gettext("Moderator Tools"),
 			"url": url_for("users.modtools", username=user.username)
 		})
 	return ret
 class UserProfileForm(FlaskForm):
-	display_name = StringField(lazy_gettext("Display Name"), [Optional(), Length(1, 20)], filters=[lambda x: nonEmptyOrNone(x)])
+	website_url = StringField("Website URL", [Optional(), URL()], filters = [lambda x: x or None])
-	website_url = StringField(lazy_gettext("Website URL"), [Optional(), URL()], filters = [lambda x: x or None])
+	donate_url = StringField("Donation URL", [Optional(), URL()], filters = [lambda x: x or None])
-	donate_url = StringField(lazy_gettext("Donation URL"), [Optional(), URL()], filters = [lambda x: x or None])
+	submit = SubmitField("Save")
 	submit = SubmitField(lazy_gettext("Save"))
 def handle_profile_edit(form, user, username):
 	severity = AuditSeverity.NORMAL if current_user == user else AuditSeverity.MODERATION
 	addAuditLog(severity, current_user, "Edited {}'s profile".format(user.display_name),
 			url_for("users.profile", username=username))
 	if user.checkPerm(current_user, Permission.CHANGE_DISPLAY_NAME) and \
 			user.display_name != form.display_name.data:
 		if User.query.filter(User.id != user.id,
 				or_(User.username == form.display_name.data,
 						User.display_name.ilike(form.display_name.data))).count() > 0:
 			flash(gettext("A user already has that name"), "danger")
 			return None
 		alias_by_name = PackageAlias.query.filter(or_(
 				PackageAlias.author == form.display_name.data)).first()
 		if alias_by_name:
 			flash(gettext("A user already has that name"), "danger")
 			return
 		user.display_name = form.display_name.data
 		severity = AuditSeverity.USER if current_user == user else AuditSeverity.MODERATION
 		addAuditLog(severity, current_user, "Changed display name of {} to {}"
 			.format(user.username, user.display_name),
 				url_for("users.profile", username=username))
 	if user.checkPerm(current_user, Permission.CHANGE_PROFILE_URLS):
 		user.website_url = form["website_url"].data
 		user.donate_url = form["donate_url"].data
 	db.session.commit()
 	return redirect(url_for("users.profile", username=username))
@bp.route("/users/<username>/settings/profile/", methods=["GET", "POST"])
@ -96,14 +49,22 @@ def profile_edit(username):
 		abort(404)
 	if not user.can_see_edit_profile(current_user):
-		flash(gettext("Permission denied"), "danger")
+		flash("Permission denied", "danger")
 		return redirect(url_for("users.profile", username=username))
 	form = UserProfileForm(obj=user)
 	if form.validate_on_submit():
-		ret = handle_profile_edit(form, user, username)
+		severity = AuditSeverity.NORMAL if current_user == user else AuditSeverity.MODERATION
-		if ret:
+		addAuditLog(severity, current_user, "Edited {}'s profile".format(user.display_name),
-			return ret
+				url_for("users.profile", username=username))
 		if user.checkPerm(current_user, Permission.CHANGE_PROFILE_URLS):
 			user.website_url  = form["website_url"].data
 			user.donate_url   = form["donate_url"].data
 		db.session.commit()
 		return redirect(url_for("users.profile", username=username))
 	# Process GET or invalid POST
 	return render_template("users/profile_edit.html", user=user, form=form, tabs=get_setting_tabs(user), current_tab="edit_profile")
@ -111,8 +72,8 @@ def profile_edit(username):
 def make_settings_form():
 	attrs = {
-		"email": StringField(lazy_gettext("Email"), [Optional(), Email()]),
+		"email": StringField("Email", [Optional(), Email()]),
-		"submit": SubmitField(lazy_gettext("Save"))
+		"submit": SubmitField("Save")
 	}
 	for notificationType in NotificationType:
@ -139,7 +100,7 @@ def handle_email_notifications(user, prefs: UserNotificationPreferences, is_new,
 		newEmail = form.email.data
 		if newEmail and newEmail != user.email and newEmail.strip() != "":
 			if EmailSubscription.query.filter_by(email=form.email.data, blacklisted=True).count() > 0:
-				flash(gettext("That email address has been unsubscribed/blacklisted, and cannot be used"), "danger")
+				flash("That email address has been unsubscribed/blacklisted, and cannot be used", "danger")
 				return
 			token = randomString(32)
@ -156,8 +117,10 @@ def handle_email_notifications(user, prefs: UserNotificationPreferences, is_new,
 			db.session.add(ver)
 			db.session.commit()
-			send_verify_email.delay(newEmail, token, get_locale().language)
+			flash("Check your email to confirm it", "success")
-			return redirect(url_for("users.email_sent"))
+
 			send_verify_email.delay(newEmail, token)
 			return redirect(url_for("users.email_notifications", username=user.username))
 	db.session.commit()
 	return redirect(url_for("users.email_notifications", username=user.username))
@ -203,98 +166,36 @@ def email_notifications(username=None):
 			tabs=get_setting_tabs(user), current_tab="notifications")
-@bp.route("/users/<username>/settings/account/")
+class UserAccountForm(FlaskForm):
 	display_name = StringField("Display name", [Optional(), Length(2, 100)])
 	forums_username = StringField("Forums Username", [Optional(), Length(2, 50)])
 	github_username = StringField("GitHub Username", [Optional(), Length(2, 50)])
 	rank = SelectField("Rank", [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce,
 			default=UserRank.NEW_MEMBER)
 	submit = SubmitField("Save")
@bp.route("/users/<username>/settings/account/", methods=["GET", "POST"])
@login_required
 def account(username):
 	user : User = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
-	return render_template("users/account.html", user=user, tabs=get_setting_tabs(user), current_tab="account")
+	if not user.can_see_edit_profile(current_user):
 		flash("Permission denied", "danger")
 		return redirect(url_for("users.profile", username=username))
-
+	can_edit_account_settings = user.checkPerm(current_user, Permission.CHANGE_USERNAMES) or \
-@bp.route("/users/<username>/delete/", methods=["GET", "POST"])
+			user.checkPerm(current_user, Permission.CHANGE_RANK)
-@rank_required(UserRank.ADMIN)
+	form = UserAccountForm(obj=user) if can_edit_account_settings else None
-def delete(username):
+	if form and form.validate_on_submit():
 	user: User = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
 	if user.rank.atLeast(UserRank.MODERATOR):
 		flash(gettext("Users with moderator rank or above cannot be deleted"), "danger")
 		return redirect(url_for("users.account", username=username))
 	if request.method == "GET":
 		return render_template("users/delete.html", user=user, can_delete=user.can_delete())
 	if "delete" in request.form and (user.can_delete() or current_user.rank.atLeast(UserRank.ADMIN)):
 		msg = "Deleted user {}".format(user.username)
 		flash(msg, "success")
 		addAuditLog(AuditSeverity.MODERATION, current_user, msg, None)
 		if current_user.rank.atLeast(UserRank.ADMIN):
 			for pkg in user.packages.all():
 				pkg.review_thread = None
 				db.session.delete(pkg)
 		db.session.delete(user)
 	elif "deactivate" in request.form:
 		user.replies.delete()
 		for thread in user.threads.all():
 			db.session.delete(thread)
 		user.email = None
 		user.rank = UserRank.NOT_JOINED
 		msg = "Deactivated user {}".format(user.username)
 		flash(msg, "success")
 		addAuditLog(AuditSeverity.MODERATION, current_user, msg, None)
 	else:
 		assert False
 	db.session.commit()
 	if user == current_user:
 		logout_user()
 	return redirect(url_for("homepage.home"))
 class ModToolsForm(FlaskForm):
 	username = StringField(lazy_gettext("Username"), [Optional(), Length(1, 50)])
 	display_name = StringField(lazy_gettext("Display name"), [Optional(), Length(2, 100)])
 	forums_username = StringField(lazy_gettext("Forums Username"), [Optional(), Length(2, 50)])
 	github_username = StringField(lazy_gettext("GitHub Username"), [Optional(), Length(2, 50)])
 	rank = SelectField(lazy_gettext("Rank"), [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce,
 			default=UserRank.NEW_MEMBER)
 	submit = SubmitField(lazy_gettext("Save"))
@bp.route("/users/<username>/modtools/", methods=["GET", "POST"])
@rank_required(UserRank.MODERATOR)
 def modtools(username):
 	user: User = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
 	if not user.checkPerm(current_user, Permission.CHANGE_EMAIL):
 		abort(403)
 	form = ModToolsForm(obj=user)
 	if form.validate_on_submit():
 		severity = AuditSeverity.NORMAL if current_user == user else AuditSeverity.MODERATION
-		addAuditLog(severity, current_user, "Edited {}'s account".format(user.display_name),
+		addAuditLog(severity, current_user, "Edited {}'s profile".format(user.display_name),
 				url_for("users.profile", username=username))
 		# Copy form fields to user_profile fields
 		if user.checkPerm(current_user, Permission.CHANGE_USERNAMES):
 			if user.username != form.username.data:
 				for package in user.packages:
 					alias = PackageAlias(user.username, package.name)
 					package.aliases.append(alias)
 					db.session.add(alias)
 				user.username = form.username.data
 			user.display_name = form.display_name.data
 			user.forums_username = nonEmptyOrNone(form.forums_username.data)
 			user.github_username = nonEmptyOrNone(form.github_username.data)
@ -306,63 +207,51 @@ def modtools(username):
 					user.rank = form["rank"].data
 					msg = "Set rank of {} to {}".format(user.display_name, user.rank.getTitle())
 					addAuditLog(AuditSeverity.MODERATION, current_user, msg,
-								url_for("users.profile", username=username))
+							url_for("users.profile", username=username))
 			else:
-				flash(gettext("Can't promote a user to a rank higher than yourself!"), "danger")
+				flash("Can't promote a user to a rank higher than yourself!", "danger")
 		db.session.commit()
-		return redirect(url_for("users.modtools", username=username))
+		return redirect(url_for("users.account", username=username))
-	return render_template("users/modtools.html", user=user, form=form, tabs=get_setting_tabs(user), current_tab="modtools")
+	return render_template("users/account.html", user=user, form=form, tabs=get_setting_tabs(user), current_tab="account")
-@bp.route("/users/<username>/modtools/set-email/", methods=["POST"])
+@bp.route("/users/<username>/delete/", methods=["GET", "POST"])
-@rank_required(UserRank.MODERATOR)
+@rank_required(UserRank.ADMIN)
-def modtools_set_email(username):
+def delete(username):
 	user: User = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
-	if not user.checkPerm(current_user, Permission.CHANGE_EMAIL):
+	if user.rank.atLeast(UserRank.MODERATOR):
-		abort(403)
+		flash("Users with moderator rank or above cannot be deleted", "danger")
 		return redirect(url_for("users.account", username=username))
-	user.email = request.form["email"]
+	if request.method == "GET":
-	user.is_active = False
+		return render_template("users/delete.html", user=user, can_delete=user.can_delete())
-	token = randomString(32)
+	if user.can_delete():
-	addAuditLog(AuditSeverity.MODERATION, current_user, f"Set email and sent a password reset on {user.username}",
+		msg = "Deleted user {}".format(user.username)
-			url_for("users.profile", username=user.username), None)
+		flash(msg, "success")
 		addAuditLog(AuditSeverity.MODERATION, current_user, msg, None)
 		db.session.delete(user)
 	else:
 		user.replies.delete()
 		for thread in user.threads.all():
 			db.session.delete(thread)
 		user.email = None
 		user.rank = UserRank.NOT_JOINED
 		msg = "Deactivated user {}".format(user.username)
 		flash(msg, "success")
 		addAuditLog(AuditSeverity.MODERATION, current_user, msg, None)
 	ver = UserEmailVerification()
 	ver.user = user
 	ver.token = token
 	ver.email = user.email
 	ver.is_password_reset = True
 	db.session.add(ver)
 	db.session.commit()
-	send_verify_email.delay(user.email, token, user.locale or "en")
+	if user == current_user:
 		logout_user()
-	flash(f"Set email and sent a password reset on {user.username}", "success")
+	return redirect(url_for("homepage.home"))
 	return redirect(url_for("users.modtools", username=username))
@bp.route("/users/<username>/modtools/ban/", methods=["POST"])
@rank_required(UserRank.MODERATOR)
 def modtools_ban(username):
 	user: User = User.query.filter_by(username=username).first()
 	if not user:
 		abort(404)
 	if not user.checkPerm(current_user, Permission.CHANGE_RANK):
 		abort(403)
 	user.rank = UserRank.BANNED
 	addAuditLog(AuditSeverity.MODERATION, current_user, f"Banned {user.username}",
 			url_for("users.profile", username=user.username), None)
 	db.session.commit()
 	flash(f"Banned {user.username}", "success")
 	return redirect(url_for("users.modtools", username=username))
--- a/app/default_data.py
+++ b/app/default_data.py
@ -11,23 +11,16 @@ def populate(session):
 	admin_user.rank = UserRank.ADMIN
 	session.add(admin_user)
 	system_user = User("ContentDB", active=False)
 	system_user.email_confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
 	system_user.rank = UserRank.BOT
 	session.add(system_user)
 	session.add(MinetestRelease("None", 0))
 	session.add(MinetestRelease("0.4.16/17", 32))
 	session.add(MinetestRelease("5.0", 37))
 	session.add(MinetestRelease("5.1", 38))
 	session.add(MinetestRelease("5.2", 39))
 	session.add(MinetestRelease("5.3", 39))
 	tags = {}
 	for tag in ["Inventory", "Mapgen", "Building",
 		"Mobs and NPCs", "Tools", "Player effects",
 		"Environment", "Transport", "Maintenance", "Plants and farming",
-		"PvP", "PvE", "Survival", "Creative", "Puzzle", "Multiplayer", "Singleplayer", "Featured"]:
+		"PvP", "PvE", "Survival", "Creative", "Puzzle", "Multiplayer", "Singleplayer"]:
 		row = Tag(tag)
 		tags[row.name] = row
 		session.add(row)
@ -60,7 +53,7 @@ def populate_test_data(session):
 	ez.rank = UserRank.EDITOR
 	session.add(ez)
-	not1 = Notification(admin_user, ez, NotificationType.PACKAGE_APPROVAL, "Awards approved", "/packages/rubenwardy/awards/")
+	not1 = Notification(admin_user, ez, "Awards approved", "/packages/rubenwardy/awards/")
 	session.add(not1)
 	jeija = User("Jeija")
--- a/app/flatpages/help.md
+++ b/app/flatpages/help.md
@ -1,17 +1,14 @@
 title: Help
 toc: False
 ## General Help
 * [Frequently Asked Questions](faq)
 * [Content Ratings and Flags](content_flags)
 * [Non-free Licenses](non_free)
 * [Why WTFPL is a terrible license](wtfpl)
 * [Ranks and Permissions](ranks_permissions)
-* [Contact Us](contact_us)
+* [Reporting Content](reporting)
 * [Top Packages Algorithm](top_packages)
 * [Featured Packages](featured)
 ## Help for Package Authors
--- a/app/flatpages/help/api.md
+++ b/app/flatpages/help/api.md
@ -1,11 +1,5 @@
 title: API
 ## Resources
 * [How the Minetest client uses the API](https://github.com/minetest/contentdb/blob/master/docs/minetest_client.md)
 ## Responses and Error Handling
 If there is an error, the response will be JSON similar to the following with a non-200 status code: 
@ -20,33 +14,7 @@ If there is an error, the response will be JSON similar to the following with a
 Successful GET requests will return the resource's information directly as a JSON response.
 Other successful results will return a dictionary with `success` equaling true, and
-often other keys with information. For example:
+often other keys with information.
 ```js
 {
    "success": true,
    "release": {
        /* same as returned by a GET */ 
    }
 }
 ```
 ### Paginated Results
 Some API endpoints returns results in pages. The page number is specified using the `page` query argument, and
 the number of items is specified using `num`
 The response will be a dictionary with the following keys:
 * `page`: page number, integer from 1 to max 
 * `per_page`: number of items per page, same as `n`
 * `page_count`: number of pages
 * `total`: total number of results
 * `urls`: dictionary containing
    * `next`: url to next page
    * `previous`: url to previous page
 * `items`: array of items
 ## Authentication
@ -78,54 +46,28 @@ Tokens can be attained by visiting [Settings > API Tokens](/user/tokens/).
        * `title`: Human-readable title.
        * `name`: Technical name (needs permission if already approved).
        * `short_description`
-        * `dev_state`: One of `WIP`, `BETA`, `ACTIVELY_DEVELOPED`, `MAINTENANCE_ONLY`, `AS_IS`, `DEPRECATED`,
+        * `tags`: List of tag names, see [misc](#misc).
-            `LOOKING_FOR_MAINTAINER`.
+        * `content_warnings`: List of content warning names, see [misc](#misc).
-        * `tags`: List of [tag](#tags) names.
+        * `license`: A license name.
-        * `content_warnings`: List of [content warning](#content-warnings) names.
+        * `media_license`: A license name.          
        * `license`: A [license](#licenses) name.
        * `media_license`: A [license](#licenses) name.   
        * `long_description`: Long markdown description.
        * `repo`: Git repo URL.
        * `website`: Website URL.
        * `issue_tracker`: Issue tracker URL.
        * `forums`: forum topic ID.
        * `video_url`: URL to a video.
        * `game_support`: Array of game support information objects. Not currently documented, as subject to change.
 * GET `/api/packages/<username>/<name>/dependencies/`
    * Returns dependencies, with suggested candidates 
    * If query argument `only_hard` is present, only hard deps will be returned.
 * GET `/api/dependencies/`
    * Returns `provides` and raw dependencies for all packages.
    * Supports [Package Queries](#package-queries)
    * [Paginated result](#paginated-results), max 300 results per page
    * Each item in `items` will be a dictionary with the following keys:
        * `type`: One of `GAME`, `MOD`, `TXP`. 
        * `author`: Username of the package author.
        * `name`: Package name.
        * `provides`: List of technical mod names inside the package.
        * `depends`: List of hard dependencies.
            * Each dep will either be a metapackage dependency (`name`), or a
                package dependency (`author/name`).
        * `optional_depends`: list of optional dependencies
            * Same as above.
 You can download a package by building one of the two URLs:
 ```
 https://content.minetest.net/packages/${author}/${name}/download/`
 https://content.minetest.net/packages/${author}/${name}/releases/${release}/download/`
 ```
 Examples:
 ```bash
-# Edit package
+# Edit packages
-curl -X PUT https://content.minetest.net/api/packages/username/name/ \
+curl -X PUT http://localhost:5123/api/packages/username/name/ \
    -H "Authorization: Bearer YOURTOKEN" -H "Content-Type: application/json" \
    -d '{ "title": "Foo bar", "tags": ["pvp", "survival"], "license": "MIT" }'
 # Remove website URL
-curl -X PUT https://content.minetest.net/api/packages/username/name/ \
+curl -X PUT http://localhost:5123/api/packages/username/name/ \
    -H "Authorization: Bearer YOURTOKEN" -H "Content-Type: application/json" \
    -d '{ "website": null }'
 ```
@ -156,11 +98,7 @@ Supported query parameters:
 ## Releases
-* GET `/api/releases/` (List)   
+* GET `/api/packages/<username>/<name>/releases/` (List)
    * Limited to 30 most recent releases.
    * Optional arguments:
        * `author`: Filter by author
        * `maintainer`: Filter by maintainer
    * Returns array of release dictionaries with keys:
        * `id`: release ID
        * `title`: human-readable title
@ -170,12 +108,6 @@ Supported query parameters:
        * `downloads`: number of downloads
        * `min_minetest_version`: dict or null, minimum supported minetest version (inclusive).
        * `max_minetest_version`: dict or null, minimum supported minetest version (inclusive).
        * `package`
            * `author`: author username
            * `name`: technical name
            * `type`: `mod`, `game`, or `txp`
 * GET `/api/packages/<username>/<name>/releases/` (List)
    * Returns array of release dictionaries, see above, but without package info.
 * GET `/api/packages/<username>/<name>/releases/<id>/` (Read)
 * POST `/api/packages/<username>/<name>/releases/new/` (Create)
    * Requires authentication.
@ -185,8 +117,7 @@ Supported query parameters:
        * `method`: must be `git`.
        * `ref`: (Optional) git reference, eg: `master`.
    * For zip upload release creation: 
-        * `file`: multipart file to upload, like `<input type="file" name="file">`.
+        * `file`: multipart file to upload, like `<input type=file>`.
        * `commit`: (Optional) Source Git commit hash, for informational purposes.
    * You can set min and max Minetest Versions [using the content's .conf file](/help/package_config/).
 * DELETE `/api/packages/<username>/<name>/releases/<id>/` (Delete)
    * Requires authentication.
@ -205,11 +136,6 @@ curl -X POST https://content.minetest.net/api/packages/username/name/releases/ne
    -H "Authorization: Bearer YOURTOKEN" \
    -F title="My Release" -F file=@path/to/file.zip
 # Create release from zip upload with commit hash
 curl -X POST https://content.minetest.net/api/packages/username/name/releases/new/ \
    -H "Authorization: Bearer YOURTOKEN" \
    -F title="My Release" -F commit="8ef74deec170a8ce789f6055a59d43876d16a7ea" -F file=@path/to/file.zip
 # Delete release
 curl -X DELETE https://content.minetest.net/api/packages/username/name/releases/3/ \
    -H "Authorization: Bearer YOURTOKEN" 
@ -226,7 +152,6 @@ curl -X DELETE https://content.minetest.net/api/packages/username/name/releases/
        * `url`: absolute URL to screenshot.
        * `created_at`: ISO time.
        * `order`: Number used in ordering.
        * `is_cover_image`: true for cover image.
 * GET `/api/packages/<username>/<name>/screenshots/<id>/` (Read)
    * Returns screenshot dictionary like above.
 * POST `/api/packages/<username>/<name>/screenshots/new/` (Create)
@ -234,32 +159,20 @@ curl -X DELETE https://content.minetest.net/api/packages/username/name/releases/
    * Body is multipart form data.
    * `title`: human-readable name for the screenshot, shown as a caption and alt text.
    * `file`: multipart file to upload, like `<input type=file>`.
    * `is_cover_image`: set cover image to this.
 * DELETE `/api/packages/<username>/<name>/screenshots/<id>/` (Delete)
    * Requires authentication.
    * Deletes screenshot.
 * POST `/api/packages/<username>/<name>/screenshots/order/`
    * Requires authentication.
    * Body is a JSON array containing the screenshot IDs in their order.
 * POST `/api/packages/<username>/<name>/screenshots/cover-image/`
    * Requires authentication.
    * Body is a JSON dictionary with "cover_image" containing the screenshot ID.
 Currently, to get a different size of thumbnail you can replace the number in `/thumbnails/1/` with any number from 1-3.
 The resolutions returned may change in the future, and we may move to a more capable thumbnail generation.
 Examples:
 ```bash
-# Create screenshot
+# Create screenshots
 curl -X POST https://content.minetest.net/api/packages/username/name/screenshots/new/ \
    -H "Authorization: Bearer YOURTOKEN" \
    -F title="My Release" -F file=@path/to/screnshot.png
 # Create screenshot and set it as the cover image
 curl -X POST https://content.minetest.net/api/packages/username/name/screenshots/new/ \
    -H "Authorization: Bearer YOURTOKEN" \
    -F title="My Release" -F file=@path/to/screnshot.png -F is_cover_image="true"
 # Delete screenshot
 curl -X DELETE https://content.minetest.net/api/packages/username/name/screenshots/3/ \
@ -269,123 +182,43 @@ curl -X DELETE https://content.minetest.net/api/packages/username/name/screensho
 curl -X POST https://content.minetest.net/api/packages/username/name/screenshots/order/ \
    -H "Authorization: Bearer YOURTOKEN" -H "Content-Type: application/json" \
    -d "[13, 2, 5, 7]"
 # Set cover image
 curl -X POST https://content.minetest.net/api/packages/username/name/screenshots/cover-image/ \
    -H "Authorization: Bearer YOURTOKEN" -H "Content-Type: application/json" \
    -d "{ 'cover_image': 123 }"
 ```
 ## Reviews
 * GET `/api/packages/<username>/<name>/reviews/` (List)
    * Returns array of review dictionaries with keys:
        * `user`: dictionary with `display_name` and `username`.
        * `title`: review title 
        * `comment`: the text
        * `is_positive`: boolean
        * `created_at`: iso timestamp
        * `votes`: dictionary with `helpful` and `unhelpful`,
 * GET `/api/reviews/` (List)
    * Returns a paginated response. This is a dictionary with `page`, `url`, and `items`.
        * [Paginated result](#paginated-results)
        * `items`: array of review dictionaries, like above
            * Each review also has a `package` dictionary with `type`, `author` and `name`
    * Query arguments:
        * `page`: page number, integer from 1 to max
        * `n`: number of results per page, max 100
        * `author`: filter by review author username
        * `is_positive`: true or false. Default: null
        * `q`: filter by title (case insensitive, no fulltext search)
 Example:
 ```json
 [
  {
    "comment": "This is a really good mod!", 
    "created_at": "2021-11-24T16:18:33.764084", 
    "is_positive": true, 
    "title": "Really good", 
    "user": {
      "display_name": "rubenwardy", 
      "username": "rubenwardy"
    }, 
    "votes": {
      "helpful": 0, 
      "unhelpful": 0
    }
  }
 ]
 ```
 ## Topics
-* GET `/api/topics/` ([View](/api/topics/))
+* GET `/api/topics/`:  Supports [Package Queries](#package-queries), and the following two options:
-    * See [Topic Queries](#topic-queries)
+    * `show_added`:  Show topics which exist as packages, default true.
    * `show_discarded`:  Show topics which have been marked as outdated, default false.
 ### Topic Queries
 Example:
-    /api/topics/?q=mobs&type=mod&type=game
+    /api/topics/?q=mobs
 Supported query parameters:
 * `q`:  Query string.
-* `type`:  Package types (`mod`, `game`, `txp`).
+* `sort`:  Sort by (`name`, `views`, `date`).
-* `sort`:  Sort by (`name`, `views`, `created_at`).
+* `order`:  Sort ascending (`asc`) or descending (`desc`).
 * `show_added`:  Show topics that have an existing package.
 * `show_discarded`:  Show topics marked as discarded.
 * `limit`:  Return at most `limit` topics.
 ## Types
 ### Tags
 * GET `/api/tags/` ([View](/api/tags/)):  List of:
    * `name`:  technical name.
    * `title`:  human-readable title.
    * `description`:  tag description or null.
    * `is_protected`: boolean, whether the tag is protected (can only be set by Editors in the web interface).
    * `views`: number of views of this tag.
 ### Content Warnings
 * GET `/api/content_warnings/` ([View](/api/content_warnings/)):  List of:
    * `name`:  technical name
    * `title`:  human-readable title
    * `description`:  tag description or null
 ### Licenses
 * GET `/api/licenses/` ([View](/api/licenses/)):  List of:
    * `name`
    * `is_foss`: whether the license is foss
 ### Minetest Versions
 * GET `/api/minetest_versions/` ([View](/api/minetest_versions/))
    * `name`: Version name.
    * `is_dev`: boolean, is dev version.
    * `protocol_version`: protocol version umber.
 ## Misc
-* GET `/api/scores/` ([View](/api/scores/))
+* GET `/api/scores/`
-    * See [Top Packages Algorithm](/help/top_packages/).
+    * See [Package Queries](#package-queries)
-    * Supports [Package Queries](#package-queries).
+* GET `/api/tags/`:  List of:
-    * Returns list of:
+    * `name`:  technical name
-        * `author`: package author name.
+    * `title`:  human-readable title
-        * `name`: package technical name.
+    * `description`:  tag description or null
-        * `downloads`: number of downloads.
+* GET `/api/licenses/`:  List of:
-        * `score`: total package score.
+    * `name`
-        * `score_reviews`: score from reviews.
+    * `is_foss`: whether the license is foss
-        * `score_downloads`: score from downloads.
+* GET `/api/homepage/`
 * GET `/api/homepage/` ([View](/api/homepage/)) - get contents of homepage.
    * `count`:  number of packages
    * `downloads`:  get number of downloads
    * `new`:  new packages
@ -394,5 +227,4 @@ Supported query parameters:
    * `pop_txp`:  popular textures
    * `pop_game`:  popular games
    * `high_reviewed`:  highest reviewed
-* GET `/api/welcome/v1/` ([View](/api/welcome/v1/)) - in-menu welcome dialog. Experimental (may change without warning)
+* GET `/api/minetest_versions/`
    * `featured`: featured games
--- a/app/flatpages/help/contact_us.md
+++ b/app/flatpages/help/contact_us.md
@ -1,14 +0,0 @@
 title: Contact Us
 ## Reports
 Please let us know if anything on the ContentDB violates our rules or any applicable
 laws.
 We take copyright violation and other offenses very seriously.
 <a href="/report/" class="btn btn-primary">Report</a>
 ## Other
 <a href="https://rubenwardy.com/contact/" class="btn btn-primary">Contact the admin</a>
--- a/app/flatpages/help/content_flags.md
+++ b/app/flatpages/help/content_flags.md
@ -15,27 +15,20 @@ contentdb_flag_blacklist = nonfree, bad_language, drugs
 A flag can be:
-* `nonfree`: can be used to hide packages which do not qualify as
+* `nonfree` - can be used to hide packages which do not qualify as
-    'free software', as defined by the Free Software Foundation.
+	'free software', as defined by the Free Software Foundation.
 * `wip`: packages marked as Work in Progress 
 * `deprecated`: packages marked as Deprecated
 * A content warning, given below.
-* `*`: hides all content warnings.
+* `android_default` - meta-flag that filters out any content with a content warning.
-
+* `desktop_default` - meta-flag that doesn't filter anything out for now.
 There are also two meta-flags, which are designed so that we can change how different platforms filter the package list
 without making a release.
 * `android_default`: currently same as `*, deprecated`. Hides all content warnings and deprecated packages
 * `desktop_default`: currently same as `deprecated`. Hides deprecated packages
 ## Content Warnings
 Packages with mature content will be tagged with a content warning based
 on the content type.
-* `bad_language`: swearing.
+* `bad_language` - swearing.
-* `drugs`: drugs or alcohol.
+* `drugs` - drugs or alcohol.
 * `gambling`
-* `gore`: blood, etc.
+* `gore` - blood, etc.
-* `horror`: shocking and scary content.
+* `horror` - shocking and scary content.
-* `violence`: non-cartoon violence.
+* `violence` - non-cartoon violence.
--- a/app/flatpages/help/faq.md
+++ b/app/flatpages/help/faq.md
@ -1,50 +0,0 @@
 title: Frequently Asked Questions
 ## Users and Logins
 ### How do I create an account?
 How you create an account depends on whether you have a forum account.
 If you have a forum account, then you'll need to prove that you are the owner of the account. This can
 be done using a GitHub account or a random string in your forum account signature.
 If you don't, then you can just sign up using an email address and password.
 GitHub can only be used to login, not to register.
 <a class="btn btn-primary" href="/user/claim/">Register</a>
 ### My verification email never arrived
 There are a number of reasons this may have happened:
 * Incorrect email address entered.
 * Temporary problem with ContentDB. 
 * Email has been unsubscribed.
 If the email doesn't arrive after registering by email, then you'll need to try registering again in 12 hours.
 Unconfirmed accounts are deleted after 12 hours.
 If the email verification was sent using the Email settings tab, then you can just set a new email.
 If you have previously unsubscribed this email, then ContentDB is completely prevented from sending emails to that
 address. You'll need to use a different email address, or [contact rubenwardy](https://rubenwardy.com/contact/) to
 remove your email from the blacklist.
 ## Packages
 ### How can I create releases automatically?
 There are a number of methods:
 * [Git Update Detection](update_config): ContentDB will check your Git repo daily, and create updates or send you notifications.
 * [Webhooks](release_webhooks): you can configure your Git host to send a webhook to ContentDB, and create an update immediately.
 * the [API](api): This is especially powerful when combined with CI/CD and other API endpoints. 
 ## How do I get help?
 Please [contact rubenwardy](https://rubenwardy.com/contact/).
--- a/app/flatpages/help/featured.md
+++ b/app/flatpages/help/featured.md
@ -1,137 +0,0 @@
 title: Featured Packages
 <p class="alert alert-warning">
 	<b>Note:</b> This is a draft, and is likely to change
 </p>
 ## What are Featured Packages?
 Featured Packages are shown at the top of the ContentDB homepage. In the future,
 featured packages may be shown inside the Minetest client.
 The purpose is to promote content that demonstrates a high quality of what is
 possible in Minetest. The selection should be varied, and should vary over time.
 The featured content should be content that we are comfortable recommending to
 a first time player.
 ## How are the packages chosen?
 Before a package can be considered, it must fulfil the criteria in the below lists.
 There are three types of criteria:
 * "MUST": These must absolutely be fulfilled, no exceptions!
 * "SHOULD": Most of them should be fulfilled, if possible. Some of them can be
  left out if there's a reason.
 * "CAN": Can be fulfilled for bonus points, they are entirely optional.
 For a chance to get featured, a package must fulfil all "MUST" criteria and
 ideally as many "SHOULD" criteria as possible. The more, the better. Thankfully,
 many criteria are trivial to fulfil. Note that ticking off all the boxes is not
 enough: Just because a package completes the checklist does not make it good.
 Other aspects of the package should be rated as well. See this list as a
 starting point, not as an exhaustive quality control.
 Editors are responsible for maintaining the list of featured packages. Authors
 can request that their package be considered by opening a thread titled
 "Feature Package" on their package. To speed things up, they should justify
 why they meet (or don't meet) the below criteria. Editors must abstain from
 voting on packages where they have a conflict of interest.
 A package being featured does not mean that it will be featured forever. A
 package may be unfeatured if it no longer meets the criteria, to make space for
 other packages to be featured, or for another reason.
 ## General Requirements
 ### General
 * MUST: Be 100% free and open source (as marked as Free on ContentDB).
 * MUST: Work out-of-the-box (no weird setup or settings required).
 * MUST: Be compatible with the latest stable Minetest release.
 * SHOULD: Use public source control (such as Git).
 * SHOULD: Have at least 3 reviews, and be largely positive.
 ### Stability
 * MUST: Be well maintained (author is present and active).
 * MUST: Be reasonably stable, with no game-breaking or major bugs.
 * MUST: The author does not consider the package to be in an
  experimental/development/alpha state. Beta and "unfinished" packages are fine.
 * MUST: No error messages from the engine (e.g. missing textures).
 * SHOULD: No major map breakages (including unknown nodes, corruption, loss of inventories).
  Map breakages are a sign that the package isn't sufficiently stable.
 Note: Any map breakage will be excused if "disaster relief" (i.e. tools to repair the damage)
 is available.
 ### Meta and packaging
 * MUST: `screenshot.png` is present and up-to-date, with a correct aspect ratio (3:2, at least 300x200).
 * MUST: Have a high resolution cover image on ContentDB (at least 1280x720 pixels).
  It may be shown cropped to 16:9 aspect ratio, or shorter.
 * MUST: mod.conf/game.conf/texture_pack.conf present with:
    * name (if mod or game)
    * description
    * dependencies (if relevant)
    * `min_minetest_version` and `max_minetest_version` (if relevant)
 * MUST: Contain a README file and a LICENSE file. These may be `.md` or `.txt`.
    * README files typically contain helpful links (download, manual, bugtracker, etc), and other
      information that players or (potential) contributors may need.
 * SHOULD: All important settings are in settingtypes.txt with description.
 ## Game-specific Requirements
 ### Meta and packaging
 * MUST: Have a main menu icon and header image.
 ### Stability
 * MUST: If any major setting (like `enable_damage`) is unsupported, the game must disable it
  using `disabled_settings` in the `game.conf`, and deal with it appropriately in the code
  (e.g. force-disable the setting, as the user may still set the setting in `minetest.conf`)
 ### Usability
 * MUST: Unsupported mapgens are disabled in game.conf.
 * SHOULD: Passes the Beginner Test: A newbie to the game (but not Minetest) wouldn't get completely
  stuck within the first 5 minutes of playing.
 * SHOULD: Have good documentation. This may include one or more of:
    * A craftguide, or other in-game learning system
    * A manual
    * A wiki
    * Something else
 ### Gameplay
 * CAN: Passes the Six Hour Test (only applies to sandbox games): The game doesn't run out of new
  content before the first 6 hours of playing.
 * CAN: Players don't feel that something in the game is "lacking".
 ### Audiovisuals
 * MUST: Audiovisual design should be of good quality.
 * MUST: No obvious GUI/HUD breakages.
 * MUST: Sounds have no obvious artifacts like clicks or unintentional noise.
 * SHOULD: Graphical design is mostly consistent.
 * SHOULD: Sounds are used.
 * SHOULD: Sounds are normalized (more or less).
 ### Quality Assurance
 * MUST: No flooding the console/log file with warnings.
 * MUST: No duplicate crafting recipes.
 * MUST: Highly experimental game features are disabled by default.
 * MUST: Experimental game features are clearly marked as such.
 * SHOULD: No unknown nodes/items/objects appear.
 * SHOULD: No dependency on legacy API calls.
 * SHOULD: No console warnings.
 ### Writing
 * MUST: All items that can be obtained in normal gameplay have `description` set (whether in the definition or meta).
 * MUST: Game is not littered with typos or bad grammar (a few typos are OK but should be fixed, when found).
 * SHOULD: All items have unique names (items which disguise themselves as another item are exempt).
 * SHOULD: The writing style of all item names is grammatical and consistent.
 * SHOULD: Descriptions of things convey useful and meaningful information (if applicable).
 * CAN: Text is written in clear and (if possible) simple language.
--- a/app/flatpages/help/metrics.md
+++ b/app/flatpages/help/metrics.md
@ -6,14 +6,7 @@ title: Prometheus Metrics
 dimensional data model, flexible query language, efficient time series database
 and modern alerting approach".
-Prometheus Metrics can be accessed at [/metrics](/metrics), or you can view them
+Prometheus Metrics can be accessed at [/metrics](/metrics).
 on the Grafana instance below.
 <p>
    <a class="btn btn-primary" href="https://monitor.rubenwardy.com/d/3ELzFy3Wz/contentdb">
        View ContentDB on Grafana
    </a>
 </p>
 ## Metrics
--- a/app/flatpages/help/package_config.md
+++ b/app/flatpages/help/package_config.md
@ -50,8 +50,6 @@ It should be a JSON dictionary with one or more of the following optional keys:
 * `title`: Human-readable title.
 * `name`: Technical name (needs permission if already approved).
 * `short_description`
 * `dev_state`: One of `WIP`, `BETA`, `ACTIVELY_DEVELOPED`, `MAINTENANCE_ONLY`, `AS_IS`, `DEPRECATED`,
    `LOOKING_FOR_MAINTAINER`.
 * `tags`: List of tag names, see [/api/tags/](/api/tags/).
 * `content_warnings`: List of content warning names, see [/api/content_warnings/](/api/content_warnings/).
 * `license`: A license name, see [/api/licenses/](/api/licenses/).
@ -61,7 +59,6 @@ It should be a JSON dictionary with one or more of the following optional keys:
 * `website`: Website URL.
 * `issue_tracker`: Issue tracker URL.
 * `forums`: forum topic ID.
 * `video_url`: URL to a video.
 Use `null` to unset fields where relevant.
--- a/app/flatpages/help/ranks_permissions.md
+++ b/app/flatpages/help/ranks_permissions.md
@ -5,8 +5,7 @@ title: Ranks and Permissions
 * **New Members** - mostly untrusted, cannot change package meta data or publish releases without approval.
 * **Members** - Trusted to change the meta data of their own packages', but cannot approve their own packages.
 * **Trusted Members** - Same as above, but can approve their own releases.
-* **Approvers** - Responsible for approving new packages, screenshots, and releases.
+* **Editors** - Trusted to edit any package or release, and also responsible for approving new packages.
 * **Editors** - Same as above, and can edit any package or release.
 * **Moderators** - Same as above, but can manage users.
 * **Admins** - Full access.
@ -19,7 +18,6 @@ title: Ranks and Permissions
 			<th colspan=2 class="NEW_MEMBER">New Member</th>
 			<th colspan=2 class="MEMBER">Member</th>
 			<th colspan=2 class="TRUSTED_MEMBER">Trusted</th>
            <th colspan=2 class="APPROVER">Approver</th>
 			<th colspan=2 class="EDITOR">Editor</th>
 			<th colspan=2 class="MODERATOR">Moderator</th>
 			<th colspan=2 class="ADMIN">Admin</th>
@ -38,8 +36,6 @@ title: Ranks and Permissions
 			<th>N</th>
 			<th>Y</th>
 			<th>N</th>
 			<th>Y</th>
 			<th>N</th>
 		</tr>
 	</thead>
 	<tbody>
@ -51,8 +47,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -68,8 +62,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td></td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td>✓</td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -85,8 +77,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td>✓</td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -102,8 +92,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -119,10 +107,8 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
-			<td>✓</td>
+			<td></td>
 			<td>✓</td> <!-- moderator -->
 			<td>✓</td>
 			<td>✓</td> <!-- admin -->
@ -136,8 +122,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -153,8 +137,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td>✓</td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -170,8 +152,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -187,8 +167,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td>✓</td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -204,8 +182,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td></td> <!-- trusted member -->
 			<td></td>
 			<td></td> <!-- approver -->
 			<td></td>
 			<td></td> <!-- editor -->
 			<td></td>
 			<td></td> <!-- moderator -->
@ -221,8 +197,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td>✓</td>
 			<td>✓</td> <!-- editor -->
 			<td>✓</td>
 			<td>✓</td> <!-- moderator -->
@ -238,8 +212,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td></td>
 			<td>✓</td> <!-- moderator -->
@ -255,8 +227,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td></td>
 			<td>✓</td> <!-- moderator -->
@ -272,8 +242,6 @@ title: Ranks and Permissions
 			<td></td>
 			<td>✓</td> <!-- trusted member -->
 			<td></td>
 			<td>✓</td> <!-- approver -->
 			<td></td>
 			<td>✓</td> <!-- editor -->
 			<td></td>
 			<td>✓</td> <!-- moderator -->
@ -289,12 +257,10 @@ title: Ranks and Permissions
 			<td></td>
 			<td></td> <!-- trusted member -->
 			<td></td>
 			<td></td> <!-- approver -->
 			<td></td>
 			<td></td> <!-- editor -->
 			<td></td>
-			<th>✓<sup>2</sup></th> <!-- moderator -->
+			<th>✓<sup>3</sup></th> <!-- moderator -->
-			<th>✓<sup>1</sup><sup>2</sup></th>
+			<th>✓<sup>2</sup><sup>3</sup></th>
 			<td>✓</td> <!-- admin -->
 			<td>✓</td>
 		</tr>
@ -302,5 +268,5 @@ title: Ranks and Permissions
 </table>
-1. Target user cannot be an admin.
+2. Target user cannot be an admin.
-2 Cannot set user to a higher rank than themselves.
+3. Cannot set user to a higher rank than themselves.
--- a/app/flatpages/help/release_webhooks.md
+++ b/app/flatpages/help/release_webhooks.md
@ -20,11 +20,6 @@ The process is as follows:
 3. The git host posts a webhook notification to ContentDB, using the API token assigned to it.
 4. ContentDB checks the API token and issues a new release.
 <p class="alert alert-warning">
    "New commit" or "push" based webhooks will currently only work on branches named `master` or
    `main`.
 </p>
 ## Setting up
 ### GitHub
@ -54,10 +49,9 @@ The process is as follows:
      choose "Tag push events".
 8. Add webhook.
-## Configuring Release Creation
+## Configuring
 See the [Package Configuration and Releases Guide](/help/package_config/) for
 documentation on configuring the release creation.
-
+You can set the min/max Minetest version from the Git repository, and also
-From the Git repository, you can set the min/max Minetest versions, which files are included,
+configure what files are included.
 and update the package meta.
--- a/app/flatpages/help/reporting.md
+++ b/app/flatpages/help/reporting.md
@ -0,0 +1,8 @@
 title: Reporting Content
 Please let us know if anything on the ContentDB violates our rules or any applicable
 laws.
 We take copyright violation and other offenses very seriously.
 <a href="https://rubenwardy.com/contact/" class="btn btn-success">Contact</a>
--- a/app/flatpages/help/wtfpl.md
+++ b/app/flatpages/help/wtfpl.md
@ -6,7 +6,7 @@ toc: False
 	Please reconsider the choice of WTFPL as a license.
-	<script src="/static/libs/jquery.min.js"></script>
+	<script src="/static/jquery.min.js"></script>
 	<script>
 		// @author rubenwardy
 		// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
--- a/app/flatpages/policy_and_guidance.md
+++ b/app/flatpages/policy_and_guidance.md
@ -27,7 +27,7 @@ including ones not covered by this document, and to ban users who abuse this ser
 ### 2.1. Acceptable Content
 Sexually-orientated content is not permitted.
-If in doubt at what this means, [contact us by raising a report](/report/).
+If in doubt at what this means, [contact us by raising a report](/help/reporting/).
 Mature content is permitted providing that it is labelled correctly.
 See [Content Flags](/help/content_flags/).
@ -46,9 +46,6 @@ but still has value. Note that this doesn't mean that you should add a thing
 you started working on yesterday, it's worth adding all the basic stuff to
 make your package useful.
 You should make sure to mark Work in Progress stuff as such in the "maintenance status" column, 
 as this will help advise players.
 Adding non-player facing mods, such as libraries and server tools, is perfectly fine
 and encouraged. ContentDB isn't just for player-facing things, and adding
 libraries allows them to be installed when a mod depends on it.
@ -137,20 +134,6 @@ ContentDB is for the community. We may remove any promotions if we feel that
 they're inappropriate.
-## 6. Reviews and Package Score
+## 6. Reporting Violations
-You may invite players to review your package(s). One way to do this is by sharing the link found in the
+See the [Reporting Content](/help/reporting/) page.
 "Share and Badges" page of the package's settings.
 You must not require anyone to review a package. You must not promise or provide incentives for reviewing a package,
 including but not limited to monetary rewards, in-game items, features, and/or privileges.
 You may give a cosmetic-only role or badge to those who review your package - this must not be tied to the content or
 rating of the review.
 You must not attempt to unfairly manipulate your package's ranking, whether by reviews or any other method.
 Doing so may result in temporary or permanent suspension from ContentDB.
 ## 7. Reporting Violations
 Please click "Report" on the package page.
--- a/app/flatpages/privacy_policy.md
+++ b/app/flatpages/privacy_policy.md
@ -1,8 +1,5 @@
 title: Privacy Policy
 Last Updated: 2022-01-23
 ([View updates](https://github.com/minetest/contentdb/commits/master/app/flatpages/privacy_policy.md))
 ## What Information is Collected
 **All users:**
@ -12,14 +9,13 @@ Last Updated: 2022-01-23
 	* IP address
 	* Page URL
 	* Response status code
 * Preferred language/locale. This defaults to the browser's locale, but can be changed by the user
 **With an account:**
 * Email address
 * Passwords (hashed and salted using BCrypt)
 * Profile information, such as website URLs and donation URLs
-* Comments, threads, and reviews
+* Comments and threads
 * Audit log actions (such as edits and logins) and their time stamps
 ContentDB collects usernames of content creators from the forums,
@ -34,12 +30,10 @@ Please avoid giving other personal information as we do not want it.
 * Logged HTTP requests may be used for debugging ContentDB.
 * Email addresses are used to:
-    * Provide essential system messages, such as password resets and privacy policy updates.
+    * Provide essential system messages, such as password resets.
    * Send notifications - the user may configure this to their needs, including opting out.
    * The admin may use ContentDB to send emails when they need to contact a user.
 * Passwords are used to authenticate the user.
-* The audit log is used to record actions that may be harmful.
+* The audit log is used to record actions that may be harmful
 * Preferred language/locale is used to translate emails and the ContentDB interface.
 * Other information is displayed as part of ContentDB's service.
 ## Who has access
@ -49,7 +43,7 @@ Please avoid giving other personal information as we do not want it.
 * Encrypted backups may be shared with selected Minetest staff members (moderators + core devs).
  The keys and the backups themselves are given to different people,
  requiring at least two staff members to read a backup.
-* Email addresses are visible to moderators and the admin.
+* Emails are visible to moderators and the admin.
  They have access to assist users, and they are not permitted to share email addresses.
 * Hashing protects passwords from being read whilst stored in the database or in backups.
 * Profile information is public, including URLs and linked accounts.
@ -58,12 +52,11 @@ Please avoid giving other personal information as we do not want it.
 * The complete audit log is visible to moderators.
  Users may see their own audit log actions on their account settings page.
  Owners, maintainers, and editors may be able to see the actions on a package in the future.
 * Preferred language can only be viewed by this with access to the database or a backup.
 * We may be required to share information with law enforcement.
 ## Location
-The ContentDB production server is currently located in Germany.
+The ContentDB production server is currently located in Canada.
 Backups are stored in the UK.
 Encrypted backups may be stored in other countries, such as the US or EU.
@ -79,7 +72,7 @@ requested. See below.
 ## Removal Requests
-Please [raise a report](https://content.minetest.net/report/?anon=0) if you
+Please [raise a report](https://content.minetest.net/help/reporting/) if you
 wish to remove your personal information.
 ContentDB keeps a record of each username and forum topic on the forums,
--- a/app/logic/game_support.py
+++ b/app/logic/game_support.py
@ -1,188 +0,0 @@
 # ContentDB
 # Copyright (C) 2022 rubenwardy
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 import sys
 from typing import List, Dict, Optional, Iterator, Iterable
 from app.logic.LogicError import LogicError
 from app.models import Package, MetaPackage, PackageType, PackageState, PackageGameSupport, db
 """
 get_game_support(package):
 	if package is a game:
 		return [ package ]
 	for all hard dependencies:
 		support = support AND get_meta_package_support(dep)
 	return support
 get_meta_package_support(meta):
 	for package implementing meta package:
 		support = support OR get_game_support(package)
 	return support
 """
 minetest_game_mods = {
 	"beds", "boats", "bucket", "carts", "default", "dungeon_loot", "env_sounds", "fire", "flowers",
 	"give_initial_stuff", "map", "player_api", "sethome", "spawn", "tnt", "walls", "wool",
 	"binoculars", "bones", "butterflies", "creative", "doors", "dye", "farming", "fireflies", "game_commands",
 	"keys", "mtg_craftguide", "screwdriver", "sfinv", "stairs", "vessels", "weather", "xpanes",
 }
 mtg_mod_blacklist = {
 	"repixture", "tutorial", "runorfall", "realtest_mt5", "mevo", "xaenvironment",
 	"survivethedays"
 }
 class PackageSet:
 	packages: Dict[str, Package]
 	def __init__(self, packages: Optional[Iterable[Package]] = None):
 		self.packages = {}
 		if packages:
 			self.update(packages)
 	def update(self, packages: Iterable[Package]):
 		for package in packages:
 			key = package.getId()
 			if key not in self.packages:
 				self.packages[key] = package
 	def intersection_update(self, other):
 		keys = set(self.packages.keys())
 		keys.difference_update(set(other.packages.keys()))
 		for key in keys:
 			del self.packages[key]
 	def __len__(self):
 		return len(self.packages)
 	def __iter__(self):
 		return self.packages.values().__iter__()
 class GameSupportResolver:
 	checked_packages = set()
 	checked_metapackages = set()
 	resolved_packages: Dict[str, PackageSet] = {}
 	resolved_metapackages: Dict[str, PackageSet] = {}
 	def resolve_for_meta_package(self, meta: MetaPackage, history: List[str]) -> PackageSet:
 		print(f"Resolving for {meta.name}", file=sys.stderr)
 		key = meta.name
 		if key in self.resolved_metapackages:
 			return self.resolved_metapackages.get(key)
 		if key in self.checked_metapackages:
 			print(f"Error, cycle found: {','.join(history)}", file=sys.stderr)
 			return PackageSet()
 		self.checked_metapackages.add(key)
 		retval = PackageSet()
 		for package in meta.packages:
 			if package.state != PackageState.APPROVED:
 				continue
 			if meta.name in minetest_game_mods and package.name in mtg_mod_blacklist:
 				continue
 			ret = self.resolve(package, history)
 			if len(ret) == 0:
 				retval = PackageSet()
 				break
 			retval.update(ret)
 		self.resolved_metapackages[key] = retval
 		return retval
 	def resolve(self, package: Package, history: List[str]) -> PackageSet:
 		db.session.merge(package)
 		key = package.getId()
 		print(f"Resolving for {key}", file=sys.stderr)
 		history = history.copy()
 		history.append(key)
 		if package.type == PackageType.GAME:
 			return PackageSet([package])
 		if key in self.resolved_packages:
 			return self.resolved_packages.get(key)
 		if key in self.checked_packages:
 			print(f"Error, cycle found: {','.join(history)}", file=sys.stderr)
 			return PackageSet()
 		self.checked_packages.add(key)
 		if package.type != PackageType.MOD:
 			raise LogicError(500, "Got non-mod")
 		retval = PackageSet()
 		for dep in package.dependencies.filter_by(optional=False).all():
 			ret = self.resolve_for_meta_package(dep.meta_package, history)
 			if len(ret) == 0:
 				continue
 			elif len(retval) == 0:
 				retval.update(ret)
 			else:
 				retval.intersection_update(ret)
 				if len(retval) == 0:
 					raise LogicError(500, f"Detected game support contradiction, {key} may not be compatible with any games")
 		self.resolved_packages[key] = retval
 		return retval
 	def update_all(self) -> None:
 		for package in Package.query.filter(Package.type == PackageType.MOD, Package.state != PackageState.DELETED).all():
 			retval = self.resolve(package, [])
 			for game in retval:
 				support = PackageGameSupport(package, game)
 				db.session.add(support)
 	def update(self, package: Package) -> None:
 		previous_supported: Dict[str, PackageGameSupport] = {}
 		for support in package.supported_games.all():
 			previous_supported[support.game.getId()] = support
 		retval = self.resolve(package, [])
 		for game in retval:
 			assert game
 			lookup = previous_supported.pop(game.getId(), None)
 			if lookup is None:
 				support = PackageGameSupport(package, game)
 				db.session.add(support)
 			elif lookup.confidence == 0:
 				lookup.supports = True
 				db.session.merge(lookup)
 		for game, support in previous_supported.items():
 			if support.confidence == 0:
 				db.session.remove(support)
--- a/app/logic/packages.py
+++ b/app/logic/packages.py
@ -17,13 +17,10 @@
 import re
 import validators
 from flask_babel import lazy_gettext
 from app.logic.LogicError import LogicError
-from app.models import User, Package, PackageType, MetaPackage, Tag, ContentWarning, db, Permission, AuditSeverity, \
+from app.models import User, Package, PackageType, MetaPackage, Tag, ContentWarning, db, Permission, AuditSeverity, License
 	License, UserRank, PackageDevState
 from app.utils import addAuditLog
 from app.utils.url import clean_youtube_url
 def check(cond: bool, msg: str):
@ -37,24 +34,23 @@ def get_license(name):
 	license = License.query.filter(License.name.ilike(name)).first()
 	if license is None:
-		raise LogicError(400, "Unknown license " + name)
+		raise LogicError(400, "Unknown license: " + name)
 	return license
 name_re = re.compile("^[a-z0-9_]+$")
-AnyType = "?"
+any = "?"
 ALLOWED_FIELDS = {
-	"type": AnyType,
+	"type": any,
 	"title": str,
 	"name": str,
 	"short_description": str,
 	"short_desc": str,
 	"dev_state": AnyType,
 	"tags": list,
 	"content_warnings": list,
-	"license": AnyType,
+	"license": any,
-	"media_license": AnyType,
+	"media_license": any,
 	"long_description": str,
 	"desc": str,
 	"repo": str,
@ -62,7 +58,6 @@ ALLOWED_FIELDS = {
 	"issue_tracker": str,
 	"issueTracker": str,
 	"forums": int,
 	"video_url": str,
 }
 ALIASES = {
@ -85,14 +80,14 @@ def validate(data: dict):
 		if value is not None:
 			typ = ALLOWED_FIELDS.get(key)
 			check(typ is not None, key + " is not a known field")
-			if typ != AnyType:
+			if typ != any:
 				check(isinstance(value, typ), key + " must be a " + typ.__name__)
 	if "name" in data:
 		name = data["name"]
 		check(isinstance(name, str), "Name must be a string")
 		check(bool(name_re.match(name)),
-			lazy_gettext("Name can only contain lower case letters (a-z), digits (0-9), and underscores (_)"))
+			"Name can only contain lower case letters (a-z), digits (0-9), and underscores (_)")
 	for key in ["repo", "website", "issue_tracker", "issueTracker"]:
 		value = data.get(key)
@ -103,14 +98,13 @@ def validate(data: dict):
 			check(validators.url(value, public=True), key + " must be a valid URL")
-def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool, data: dict,
+def do_edit_package(user: User, package: Package, was_new: bool, data: dict, reason: str = None):
 		reason: str = None):
 	if not package.checkPerm(user, Permission.EDIT_PACKAGE):
-		raise LogicError(403, lazy_gettext("You do not have permission to edit this package"))
+		raise LogicError(403, "You do not have permission to edit this package")
 	if "name" in data and package.name != data["name"] and \
 			not package.checkPerm(user, Permission.CHANGE_NAME):
-		raise LogicError(403, lazy_gettext("You do not have permission to change the package name"))
+		raise LogicError(403, "You do not have permission to change the package name")
 	for alias, to in ALIASES.items():
 		if alias in data:
@ -121,22 +115,14 @@ def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool,
 	if "type" in data:
 		data["type"] = PackageType.coerce(data["type"])
 	if "dev_state" in data:
 		data["dev_state"] = PackageDevState.coerce(data["dev_state"])
 	if "license" in data:
 		data["license"] = get_license(data["license"])
 	if "media_license" in data:
 		data["media_license"] = get_license(data["media_license"])
-	if "video_url" in data and data["video_url"] is not None:
+	for key in ["name", "title", "short_desc", "desc", "type", "license", "media_license",
-		data["video_url"] = clean_youtube_url(data["video_url"]) or data["video_url"]
+			"repo", "website", "issueTracker", "forums"]:
 		if "dQw4w9WgXcQ" in data["video_url"]:
 			raise LogicError(403, "Never gonna give you up / Never gonna let you down / Never gonna run around and desert you")
 	for key in ["name", "title", "short_desc", "desc", "type", "dev_state", "license", "media_license",
 			"repo", "website", "issueTracker", "forums", "video_url"]:
 		if key in data:
 			setattr(package, key, data[key])
@ -148,28 +134,15 @@ def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool,
 		package.provides.append(m)
 	if "tags" in data:
 		old_tags = list(package.tags)
 		package.tags.clear()
 		for tag_id in data["tags"]:
 			if is_int(tag_id):
-				tag = Tag.query.get(tag_id)
+				package.tags.append(Tag.query.get(tag_id))
 			else:
 				tag = Tag.query.filter_by(name=tag_id).first()
 				if tag is None:
 					raise LogicError(400, "Unknown tag: " + tag_id)
-
+				package.tags.append(tag)
 			if not was_web and tag.is_protected:
 				continue
 			if tag.is_protected and tag not in old_tags and not user.rank.atLeast(UserRank.EDITOR):
 				raise LogicError(400, lazy_gettext("Unable to add protected tag %(title)s to package", title=tag.title))
 			package.tags.append(tag)
 		if not was_web:
 			for tag in old_tags:
 				if tag.is_protected:
 					package.tags.append(tag)
 	if "content_warnings" in data:
 		package.content_warnings.clear()
@ -189,7 +162,7 @@ def do_edit_package(user: User, package: Package, was_new: bool, was_web: bool,
 			msg = "Edited {} ({})".format(package.title, reason)
 		severity = AuditSeverity.NORMAL if user in package.maintainers else AuditSeverity.EDITOR
-		addAuditLog(severity, user, msg, package.getURL("packages.view"), package)
+		addAuditLog(severity, user, msg, package.getDetailsURL(), package)
 	db.session.commit()
--- a/app/logic/releases.py
+++ b/app/logic/releases.py
@ -15,10 +15,9 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
-import datetime, re
+import datetime
 from celery import uuid
 from flask_babel import lazy_gettext
 from app.logic.LogicError import LogicError
 from app.logic.uploads import upload_file
@ -29,12 +28,12 @@ from app.utils import AuditSeverity, addAuditLog, nonEmptyOrNone
 def check_can_create_release(user: User, package: Package):
 	if not package.checkPerm(user, Permission.MAKE_RELEASE):
-		raise LogicError(403, lazy_gettext("You do not have permission to make releases"))
+		raise LogicError(403, "You do not have permission to make releases")
 	five_minutes_ago = datetime.datetime.now() - datetime.timedelta(minutes=5)
 	count = package.releases.filter(PackageRelease.releaseDate > five_minutes_ago).count()
-	if count >= 5:
+	if count >= 2:
-		raise LogicError(429, lazy_gettext("You've created too many releases for this package in the last 5 minutes, please wait before trying again"))
+		raise LogicError(429, "Too many requests, please wait before trying again")
 def do_create_vcs_release(user: User, package: Package, title: str, ref: str,
@ -54,7 +53,7 @@ def do_create_vcs_release(user: User, package: Package, title: str, ref: str,
 		msg = "Created release {}".format(rel.title)
 	else:
 		msg = "Created release {} ({})".format(rel.title, reason)
-	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getURL("packages.view"), package)
+	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getDetailsURL(), package)
 	db.session.commit()
@ -64,15 +63,9 @@ def do_create_vcs_release(user: User, package: Package, title: str, ref: str,
 def do_create_zip_release(user: User, package: Package, title: str, file,
-		min_v: MinetestRelease = None, max_v: MinetestRelease = None, reason: str = None,
+		min_v: MinetestRelease = None, max_v: MinetestRelease = None, reason: str = None):
 		commit_hash: str = None):
 	check_can_create_release(user, package)
 	if commit_hash:
 		commit_hash = commit_hash.lower()
 		if not (len(commit_hash) == 40 and re.match(r"^[0-9a-f]+$", commit_hash)):
 			raise LogicError(400, lazy_gettext("Invalid commit hash; it must be a 40 character long base16 string"))
 	uploaded_url, uploaded_path = upload_file(file, "zip", "a zip file")
 	rel = PackageRelease()
@ -80,7 +73,6 @@ def do_create_zip_release(user: User, package: Package, title: str, file,
 	rel.title   = title
 	rel.url     = uploaded_url
 	rel.task_id = uuid()
 	rel.commit_hash = commit_hash
 	rel.min_rel = min_v
 	rel.max_rel = max_v
 	db.session.add(rel)
@ -89,7 +81,7 @@ def do_create_zip_release(user: User, package: Package, title: str, file,
 		msg = "Created release {}".format(rel.title)
 	else:
 		msg = "Created release {} ({})".format(rel.title, reason)
-	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getURL("packages.view"), package)
+	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getDetailsURL(), package)
 	db.session.commit()
--- a/app/logic/screenshots.py
+++ b/app/logic/screenshots.py
@ -1,21 +1,18 @@
-import datetime, json
+import datetime
 from flask_babel import lazy_gettext
 from app.logic.LogicError import LogicError
 from app.logic.uploads import upload_file
 from app.models import User, Package, PackageScreenshot, Permission, NotificationType, db, AuditSeverity
 from app.utils import addNotification, addAuditLog
 from app.utils.image import get_image_size
-def do_create_screenshot(user: User, package: Package, title: str, file, is_cover_image: bool, reason: str = None):
+def do_create_screenshot(user: User, package: Package, title: str, file, reason: str = None):
 	thirty_minutes_ago = datetime.datetime.now() - datetime.timedelta(minutes=30)
 	count = package.screenshots.filter(PackageScreenshot.created_at > thirty_minutes_ago).count()
 	if count >= 20:
-		raise LogicError(429, lazy_gettext("Too many requests, please wait before trying again"))
+		raise LogicError(429, "Too many requests, please wait before trying again")
-	uploaded_url, uploaded_path = upload_file(file, "image", lazy_gettext("a PNG or JPG image file"))
+	uploaded_url, uploaded_path = upload_file(file, "image", "a PNG or JPG image file")
 	counter = 1
 	for screenshot in package.screenshots.all():
@ -28,13 +25,6 @@ def do_create_screenshot(user: User, package: Package, title: str, file, is_cove
 	ss.url      = uploaded_url
 	ss.approved = package.checkPerm(user, Permission.APPROVE_SCREENSHOT)
 	ss.order    = counter
 	ss.width, ss.height = get_image_size(uploaded_path)
 	if ss.is_too_small():
 		raise LogicError(429,
 				lazy_gettext("Screenshot is too small, it should be at least %(width)s by %(height)s pixels",
 						width=PackageScreenshot.HARD_MIN_SIZE[0], height=PackageScreenshot.HARD_MIN_SIZE[1]))
 	db.session.add(ss)
 	if reason is None:
@ -42,15 +32,11 @@ def do_create_screenshot(user: User, package: Package, title: str, file, is_cove
 	else:
 		msg = "Created screenshot {} ({})".format(ss.title, reason)
-	addNotification(package.maintainers, user, NotificationType.PACKAGE_EDIT, msg, package.getURL("packages.view"), package)
+	addNotification(package.maintainers, user, NotificationType.PACKAGE_EDIT, msg, package.getDetailsURL(), package)
-	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getURL("packages.view"), package)
+	addAuditLog(AuditSeverity.NORMAL, user, msg, package.getDetailsURL(), package)
 	db.session.commit()
 	if is_cover_image:
 		package.cover_image = ss
 		db.session.commit()
 	return ss
@ -60,28 +46,13 @@ def do_order_screenshots(_user: User, package: Package, order: [any]):
 		lookup[screenshot.id] = screenshot
 	counter = 1
-	for ss_id in order:
+	for id in order:
 		try:
-			lookup[int(ss_id)].order = counter
+			lookup[int(id)].order = counter
 			counter += 1
 		except KeyError as e:
-			raise LogicError(400, "Unable to find screenshot with id={}".format(ss_id))
+			raise LogicError(400, "Unable to find screenshot with id={}".format(id))
-		except (ValueError, TypeError) as e:
+		except ValueError as e:
-			raise LogicError(400, "Invalid id, not a number: {}".format(json.dumps(ss_id)))
+			raise LogicError(400, "Invalid number: {}".format(id))
 	db.session.commit()
 def do_set_cover_image(_user: User, package: Package, cover_image):
 	try:
 		cover_image = int(cover_image)
 	except (ValueError, TypeError) as e:
 		raise LogicError(400, "Invalid id, not a number: {}".format(json.dumps(cover_image)))
 	for screenshot in package.screenshots.all():
 		if screenshot.id == cover_image:
 			package.cover_image = screenshot
 			db.session.commit()
 			return
 	raise LogicError(400, "Unable to find screenshot")
--- a/app/logic/uploads.py
+++ b/app/logic/uploads.py
@ -18,8 +18,6 @@
 import imghdr
 import os
 from flask_babel import lazy_gettext
 from app.logic.LogicError import LogicError
 from app.models import *
 from app.utils import randomString
@ -49,10 +47,10 @@ def upload_file(file, fileType, fileTypeDesc):
 	ext = get_extension(file.filename)
 	if ext is None or not ext in allowedExtensions:
-		raise LogicError(400, lazy_gettext("Please upload %(file_desc)s", file_desc=fileTypeDesc))
+		raise LogicError(400, "Please upload " + fileTypeDesc)
 	if isImage and not isAllowedImage(file.stream.read()):
-		raise LogicError(400, lazy_gettext("Uploaded image isn't actually an image"))
+		raise LogicError(400, "Uploaded image isn't actually an image")
 	file.stream.seek(0)
--- a/app/maillogger.py
+++ b/app/maillogger.py
@ -70,15 +70,10 @@ class FlaskMailHandler(logging.Handler):
 		return subject
 	def emit(self, record):
 		subject = self.getSubject(record)
 		text = self.format(record)				if self.formatter	  else None
 		html = "<pre>{}</pre>".format(text)
 		if "The recipient has exceeded message rate limit. Try again later" in subject:
 			return
 		for email in self.send_to:
-			send_user_email.delay(email, "en", subject, text, html)
+			send_user_email.delay(email, self.getSubject(record), text, html)
 def build_handler(app):
--- a/app/markdown.py
+++ b/app/markdown.py
@ -1,179 +0,0 @@
 from functools import partial
 import bleach
 from bleach import Cleaner
 from bleach.linkifier import LinkifyFilter
 from bs4 import BeautifulSoup
 from markdown import Markdown
 from flask import Markup, url_for
 from markdown.extensions import Extension
 from markdown.inlinepatterns import SimpleTagInlineProcessor
 from markdown.inlinepatterns import Pattern
 from xml.etree import ElementTree
 # Based on
 # https://github.com/Wenzil/mdx_bleach/blob/master/mdx_bleach/whitelist.py
 #
 # License: MIT
 ALLOWED_TAGS = [
 	"h1", "h2", "h3", "h4", "h5", "h6", "hr",
 	"ul", "ol", "li",
 	"p",
 	"br",
 	"pre",
 	"code",
 	"blockquote",
 	"strong",
 	"em",
 	"a",
 	"img",
 	"table", "thead", "tbody", "tr", "th", "td",
 	"div", "span", "del", "s",
 ]
 ALLOWED_CSS = [
 	"highlight", "codehilite",
 	"hll", "c", "err", "g", "k", "l", "n", "o", "x", "p", "ch", "cm", "cp", "cpf", "c1", "cs",
 	"gd", "ge", "gr", "gh", "gi", "go", "gp", "gs", "gu", "gt", "kc", "kd", "kn", "kp", "kr",
 	"kt", "ld", "m", "s", "na", "nb", "nc", "no", "nd", "ni", "ne", "nf", "nl", "nn", "nx",
 	"py", "nt", "nv", "ow", "w", "mb", "mf", "mh", "mi", "mo", "sa", "sb", "sc", "dl", "sd",
 	"s2", "se", "sh", "si", "sx", "sr", "s1", "ss", "bp", "fm", "vc", "vg", "vi", "vm", "il",
 ]
 def allow_class(_tag, name, value):
 	return name == "class" and value in ALLOWED_CSS
 ALLOWED_ATTRIBUTES = {
 	"h1": ["id"],
 	"h2": ["id"],
 	"h3": ["id"],
 	"h4": ["id"],
 	"a": ["href", "title", "data-username"],
 	"img": ["src", "title", "alt"],
 	"code": allow_class,
 	"div": allow_class,
 	"span": allow_class,
 }
 ALLOWED_PROTOCOLS = ["http", "https", "mailto"]
 md = None
 def render_markdown(source):
 	html = md.convert(source)
 	cleaner = Cleaner(
 		tags=ALLOWED_TAGS,
 		attributes=ALLOWED_ATTRIBUTES,
 		protocols=ALLOWED_PROTOCOLS,
 		filters=[partial(LinkifyFilter, callbacks=bleach.linkifier.DEFAULT_CALLBACKS)])
 	return cleaner.clean(html)
 class DelInsExtension(Extension):
 	def extendMarkdown(self, md):
 		del_proc = SimpleTagInlineProcessor(r"(\~\~)(.+?)(\~\~)", "del")
 		md.inlinePatterns.register(del_proc, "del", 200)
 		ins_proc = SimpleTagInlineProcessor(r"(\+\+)(.+?)(\+\+)", "ins")
 		md.inlinePatterns.register(ins_proc, "ins", 200)
 RE_PARTS = dict(
 	USER=r"[A-Za-z0-9._-]*\b",
 	REPO=r"[A-Za-z0-9_]+\b"
 )
 class MentionPattern(Pattern):
 	ANCESTOR_EXCLUDES = ("a",)
 	def __init__(self, config, md):
 		MENTION_RE = r"(@({USER})(?:\/({REPO}))?)".format(**RE_PARTS)
 		super(MentionPattern, self).__init__(MENTION_RE, md)
 		self.config = config
 	def handleMatch(self, m):
 		from app.models import User
 		label = m.group(2)
 		user = m.group(3)
 		package_name = m.group(4)
 		if package_name:
 			el = ElementTree.Element("a")
 			el.text = label
 			el.set("href", url_for("packages.view", author=user, name=package_name))
 			return el
 		else:
 			if User.query.filter_by(username=user).count() == 0:
 				return None
 			el = ElementTree.Element("a")
 			el.text = label
 			el.set("href", url_for("users.profile", username=user))
 			el.set("data-username", user)
 			return el
 class MentionExtension(Extension):
 	def __init__(self, *args, **kwargs):
 		super(MentionExtension, self).__init__(*args, **kwargs)
 	def extendMarkdown(self, md):
 		md.ESCAPED_CHARS.append("@")
 		md.inlinePatterns.register(MentionPattern(self.getConfigs(), md), "mention", 20)
 MARKDOWN_EXTENSIONS = ["fenced_code", "tables", "codehilite", "toc", DelInsExtension(), MentionExtension()]
 MARKDOWN_EXTENSION_CONFIG = {
 	"fenced_code": {},
 	"tables": {},
 	"codehilite": {
 		"guess_lang": False,
 	}
 }
 def init_markdown(app):
 	global md
 	md = Markdown(extensions=MARKDOWN_EXTENSIONS,
 			extension_configs=MARKDOWN_EXTENSION_CONFIG,
 			output_format="html5")
 	@app.template_filter()
 	def markdown(source):
 		return Markup(render_markdown(source))
 def get_headings(html: str):
 	soup = BeautifulSoup(html, "html.parser")
 	headings = soup.find_all(["h1", "h2", "h3"])
 	root = []
 	stack = []
 	for heading in headings:
 		this = {"link": heading.get("id") or "", "text": heading.text, "children": []}
 		this_level = int(heading.name[1:]) - 1
 		while this_level <= len(stack):
 			stack.pop()
 		if len(stack) > 0:
 			stack[-1]["children"].append(this)
 		else:
 			root.append(this)
 		stack.append(this)
 	return root
 def get_user_mentions(html: str) -> set:
 	soup = BeautifulSoup(html, "html.parser")
 	links = soup.select("a[data-username]")
 	return set([x.get("data-username") for x in links])
--- a/app/models/init.py
+++ b/app/models/init.py
@ -72,7 +72,7 @@ class AuditSeverity(enum.Enum):
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == AuditSeverity else AuditSeverity[item.upper()]
+		return item if type(item) == AuditSeverity else AuditSeverity[item]
 class AuditLogEntry(db.Model):
@ -115,10 +115,10 @@ class ForumTopic(db.Model):
 	topic_id  = db.Column(db.Integer, primary_key=True, autoincrement=False)
 	author_id = db.Column(db.Integer, db.ForeignKey("user.id"), nullable=False)
-	author    = db.relationship("User", back_populates="forum_topics")
+	author    = db.relationship("User")
-	wip       = db.Column(db.Boolean, default=False, nullable=False)
+	wip       = db.Column(db.Boolean, server_default="0")
-	discarded = db.Column(db.Boolean, default=False, nullable=False)
+	discarded = db.Column(db.Boolean, server_default="0")
 	type      = db.Column(db.Enum(PackageType), nullable=False)
 	title     = db.Column(db.String(200), nullable=False)
--- a/app/models/packages.py
+++ b/app/models/packages.py
@ -19,14 +19,12 @@ import datetime
 import enum
 from flask import url_for
 from flask_babel import lazy_gettext
 from flask_sqlalchemy import BaseQuery
 from sqlalchemy_searchable import SearchQueryMixin
 from sqlalchemy_utils.types import TSVectorType
 from . import db
 from .users import Permission, UserRank, User
 from .. import app
 class PackageQuery(BaseQuery, SearchQueryMixin):
@ -37,12 +35,10 @@ class License(db.Model):
 	id      = db.Column(db.Integer, primary_key=True)
 	name    = db.Column(db.String(50), nullable=False, unique=True)
 	is_foss = db.Column(db.Boolean,    nullable=False, default=True)
 	url     = db.Column(db.String(128), nullable=True, default=None)
-	def __init__(self, v: str, is_foss: bool = True, url: str = None):
+	def __init__(self, v, is_foss=True):
 		self.name = v
 		self.is_foss = is_foss
 		self.url = url
 	def __str__(self):
 		return self.name
@ -59,24 +55,6 @@ class PackageType(enum.Enum):
 	def __str__(self):
 		return self.name
 	@property
 	def text(self):
 		if self == PackageType.MOD:
 			return lazy_gettext("Mod")
 		elif self == PackageType.GAME:
 			return lazy_gettext("Game")
 		elif self == PackageType.TXP:
 			return lazy_gettext("Texture Pack")
 	@property
 	def plural(self):
 		if self == PackageType.MOD:
 			return lazy_gettext("Mods")
 		elif self == PackageType.GAME:
 			return lazy_gettext("Games")
 		elif self == PackageType.TXP:
 			return lazy_gettext("Texture Packs")
 	@classmethod
 	def get(cls, name):
 		try:
@ -86,70 +64,11 @@ class PackageType(enum.Enum):
 	@classmethod
 	def choices(cls):
-		return [(choice, choice.text) for choice in cls]
+		return [(choice, choice.value) for choice in cls]
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == PackageType else PackageType[item.upper()]
+		return item if type(item) == PackageType else PackageType[item]
 class PackageDevState(enum.Enum):
 	WIP = "Work in Progress"
 	BETA  = "Beta"
 	ACTIVELY_DEVELOPED = "Actively Developed"
 	MAINTENANCE_ONLY = "Maintenance Only"
 	AS_IS = "As-Is"
 	DEPRECATED = "Deprecated"
 	LOOKING_FOR_MAINTAINER = "Looking for Maintainer"
 	def toName(self):
 		return self.name.lower()
 	def __str__(self):
 		return self.name
 	def get_desc(self):
 		if self == PackageDevState.WIP:
 			return "Under active development, and may break worlds/things without warning"
 		elif self == PackageDevState.BETA:
 			return "Fully playable, but with some breakages/changes expected"
 		elif self == PackageDevState.MAINTENANCE_ONLY:
 			return "Finished, with bug fixes being made as needed"
 		elif self == PackageDevState.AS_IS:
 			return "Finished, the maintainer doesn't intend to continue working on it or provide support"
 		elif self == PackageDevState.DEPRECATED:
 			return "The maintainer doesn't recommend this package. See the description for more info"
 		else:
 			return None
 	@classmethod
 	def get(cls, name):
 		try:
 			return PackageDevState[name.upper()]
 		except KeyError:
 			return None
 	@classmethod
 	def choices(cls, with_none):
 		def build_label(choice):
 			desc = choice.get_desc()
 			if desc is None:
 				return choice.value
 			else:
 				return f"{choice.value}: {desc}"
 		ret = [(choice, build_label(choice)) for choice in cls]
 		if with_none:
 			ret.insert(0, (None, ""))
 		return ret
 	@classmethod
 	def coerce(cls, item):
 		if item is None or (isinstance(item, str) and item.upper() == "NONE"):
 			return None
 		return item if type(item) == PackageDevState else PackageDevState[item.upper()]
 class PackageState(enum.Enum):
@ -164,30 +83,17 @@ class PackageState(enum.Enum):
 	def verb(self):
 		if self == self.READY_FOR_REVIEW:
-			return lazy_gettext("Submit for Approval")
+			return "Submit for Review"
 		elif self == self.APPROVED:
-			return lazy_gettext("Approve")
+			return "Approve"
 		elif self == self.DELETED:
-			return lazy_gettext("Delete")
+			return "Delete"
 		else:
 			return self.value
 	def __str__(self):
 		return self.name
 	@property
 	def color(self):
 		if self == self.WIP:
 			return "warning"
 		elif self == self.CHANGES_NEEDED:
 			return "danger"
 		elif self == self.READY_FOR_REVIEW:
 			return "success"
 		elif self == self.APPROVED:
 			return "info"
 		else:
 			return "danger"
 	@classmethod
 	def get(cls, name):
 		try:
@ -201,7 +107,7 @@ class PackageState(enum.Enum):
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == PackageState else PackageState[item.upper()]
+		return item if type(item) == PackageState else PackageState[item]
 PACKAGE_STATE_FLOW = {
@ -237,7 +143,7 @@ class PackagePropertyKey(enum.Enum):
 			return str(value)
-PackageProvides = db.Table("provides",
+provides = db.Table("provides",
 	db.Column("package_id",    db.Integer, db.ForeignKey("package.id"), primary_key=True),
 	db.Column("metapackage_id", db.Integer, db.ForeignKey("meta_package.id"), primary_key=True)
 )
@ -344,25 +250,6 @@ class Dependency(db.Model):
 		return retval
 class PackageGameSupport(db.Model):
 	id = db.Column(db.Integer, primary_key=True)
 	package_id = db.Column(db.Integer, db.ForeignKey("package.id"), nullable=False)
 	package = db.relationship("Package", foreign_keys=[package_id])
 	game_id = db.Column(db.Integer, db.ForeignKey("package.id"), nullable=False)
 	game = db.relationship("Package", foreign_keys=[game_id])
 	supports = db.Column(db.Boolean, nullable=False, default=True)
 	confidence = db.Column(db.Integer, nullable=False, default=1)
 	__table_args__ = (db.UniqueConstraint("game_id", "package_id", name="_package_game_support_uc"),)
 	def __init__(self, package, game):
 		self.package = package
 		self.game = game
 class Package(db.Model):
 	query_class  = PackageQuery
@ -390,8 +277,7 @@ class Package(db.Model):
 	media_license_id = db.Column(db.Integer, db.ForeignKey("license.id"), nullable=False, default=1)
 	media_license    = db.relationship("License", foreign_keys=[media_license_id])
-	state     = db.Column(db.Enum(PackageState), nullable=False, default=PackageState.WIP)
+	state         = db.Column(db.Enum(PackageState), nullable=False, default=PackageState.WIP)
 	dev_state = db.Column(db.Enum(PackageDevState), nullable=True, default=None)
 	@property
 	def approved(self):
@ -409,18 +295,11 @@ class Package(db.Model):
 	website      = db.Column(db.String(200), nullable=True)
 	issueTracker = db.Column(db.String(200), nullable=True)
 	forums       = db.Column(db.Integer,     nullable=True)
 	video_url    = db.Column(db.String(200), nullable=True, default=None)
-	provides = db.relationship("MetaPackage", secondary=PackageProvides, order_by=db.asc("name"), back_populates="packages")
+	provides = db.relationship("MetaPackage", secondary=provides, order_by=db.asc("name"), back_populates="packages")
 	dependencies = db.relationship("Dependency", back_populates="depender", lazy="dynamic", foreign_keys=[Dependency.depender_id])
 	supported_games = db.relationship("PackageGameSupport", back_populates="package", lazy="dynamic",
 			foreign_keys=[PackageGameSupport.package_id])
 	game_supported_mods = db.relationship("PackageGameSupport", back_populates="game", lazy="dynamic",
 			foreign_keys=[PackageGameSupport.game_id])
 	tags = db.relationship("Tag", secondary=Tags, back_populates="packages")
 	content_warnings = db.relationship("ContentWarning", secondary=ContentWarnings, back_populates="packages")
@ -432,7 +311,7 @@ class Package(db.Model):
 			lazy="dynamic", order_by=db.asc("package_screenshot_order"), cascade="all, delete, delete-orphan")
 	main_screenshot = db.relationship("PackageScreenshot", uselist=False, foreign_keys="PackageScreenshot.package_id",
-			lazy=True, order_by=db.asc("package_screenshot_order"), viewonly=True,
+			lazy=True, order_by=db.asc("package_screenshot_order"),
 			primaryjoin="and_(Package.id==PackageScreenshot.package_id, PackageScreenshot.approved)")
 	cover_image_id = db.Column(db.Integer, db.ForeignKey("package_screenshot.id"), nullable=True, default=None)
@ -443,12 +322,11 @@ class Package(db.Model):
 	threads = db.relationship("Thread", back_populates="package", order_by=db.desc("thread_created_at"),
 			foreign_keys="Thread.package_id", cascade="all, delete, delete-orphan", lazy="dynamic")
-	reviews = db.relationship("PackageReview", back_populates="package",
+	reviews = db.relationship("PackageReview", back_populates="package", order_by=db.desc("package_review_created_at"),
 			order_by=[db.desc("package_review_score"),db.desc("package_review_created_at")],
 			cascade="all, delete, delete-orphan")
-	audit_log_entries = db.relationship("AuditLogEntry", foreign_keys="AuditLogEntry.package_id",
+	audit_log_entries = db.relationship("AuditLogEntry", foreign_keys="AuditLogEntry.package_id", back_populates="package",
-			lazy="dynamic", back_populates="package", order_by=db.desc("audit_log_entry_created_at"))
+			order_by=db.desc("audit_log_entry_created_at"))
 	notifications = db.relationship("Notification", foreign_keys="Notification.package_id",
 			back_populates="package", cascade="all, delete, delete-orphan")
@ -459,9 +337,6 @@ class Package(db.Model):
 	update_config = db.relationship("PackageUpdateConfig", uselist=False, back_populates="package",
 			cascade="all, delete, delete-orphan")
 	aliases = db.relationship("PackageAlias",  foreign_keys="PackageAlias.package_id",
 			back_populates="package", cascade="all, delete, delete-orphan")
 	def __init__(self, package=None):
 		if package is None:
 			return
@ -475,14 +350,6 @@ class Package(db.Model):
 		for e in PackagePropertyKey:
 			setattr(self, e.name, getattr(package, e.name))
 	@classmethod
 	def get_by_key(cls, key):
 		parts = key.split("/")
 		if len(parts) != 2:
 			return None
 		return Package.query.filter(Package.name == parts[1], Package.author.has(username=parts[0])).first()
 	def getId(self):
 		return "{}/{}".format(self.author.username, self.name)
@ -504,15 +371,10 @@ class Package(db.Model):
 	def getSortedOptionalDependencies(self):
 		return self.getSortedDependencies(False)
 	def getSortedSupportedGames(self):
 		supported = self.supported_games.all()
 		supported.sort(key=lambda x: -x.game.score)
 		return supported
 	def getAsDictionaryKey(self):
 		return {
 			"name": self.name,
-			"author": self.author.username,
+			"author": self.author.display_name,
 			"type": self.type.toName(),
 		}
@ -523,26 +385,16 @@ class Package(db.Model):
 			release = self.getDownloadRelease(version=version)
 			release_id = release and release.id
-		short_desc = self.short_desc
+		return {
 		if self.dev_state == PackageDevState.WIP:
 			short_desc = "Work in Progress. " + self.short_desc
 		ret = {
 			"name": self.name,
 			"title": self.title,
 			"author": self.author.username,
-			"short_description": short_desc,
+			"short_description": self.short_desc,
 			"type": self.type.toName(),
 			"release": release_id,
-			"thumbnail": (base_url + tnurl) if tnurl is not None else None,
+			"thumbnail": (base_url + tnurl) if tnurl is not None else None
 			"aliases": [ alias.getAsDictionary() for alias in self.aliases ],
 		}
 		if not ret["aliases"]:
 			del ret["aliases"]
 		return ret
 	def getAsDictionary(self, base_url, version=None):
 		tnurl = self.getThumbnailURL(1)
 		release = self.getDownloadRelease(version=version)
@ -551,7 +403,6 @@ class Package(db.Model):
 			"maintainers": [x.username for x in self.maintainers],
 			"state": self.state.name,
 			"dev_state": self.dev_state.name if self.dev_state else None,
 			"name": self.name,
 			"title": self.title,
@ -567,7 +418,6 @@ class Package(db.Model):
 			"website": self.website,
 			"issue_tracker": self.issueTracker,
 			"forums": self.forums,
 			"video_url": self.video_url,
 			"tags": [x.name for x in self.tags],
 			"content_warnings": [x.name for x in self.content_warnings],
@ -576,19 +426,11 @@ class Package(db.Model):
 			"thumbnail": (base_url + tnurl) if tnurl is not None else None,
 			"screenshots": [base_url + ss.url for ss in self.screenshots],
-			"url": base_url + self.getURL("packages.download"),
+			"url": base_url + self.getDownloadURL(),
 			"release": release and release.id,
 			"score": round(self.score * 10) / 10,
-			"downloads": self.downloads,
+			"downloads": self.downloads
 			"game_support": [
 				{
 					"supports": support.supports,
 					"confidence": support.confidence,
 					"game": support.game.getAsDictionaryShort(base_url, version)
 				} for support in self.supported_games.all()
 			]
 		}
 	def getThumbnailOrPlaceholder(self, level=2):
@ -609,12 +451,14 @@ class Package(db.Model):
 		else:
 			return screenshot.url
-	def getURL(self, endpoint, absolute=False, **kwargs):
+	def getDetailsURL(self, absolute=False):
 		if absolute:
 			from app.utils import abs_url_for
-			return abs_url_for(endpoint, author=self.author.username, name=self.name, **kwargs)
+			return abs_url_for("packages.view",
 					author=self.author.username, name=self.name)
 		else:
-			return url_for(endpoint, author=self.author.username, name=self.name, **kwargs)
+			return url_for("packages.view",
 					author=self.author.username, name=self.name)
 	def getShieldURL(self, type):
 		from app.utils import abs_url_for
@ -623,7 +467,11 @@ class Package(db.Model):
 	def makeShield(self, type):
 		return "[![ContentDB]({})]({})" \
-			.format(self.getShieldURL(type), self.getURL("packages.view", True))
+			.format(self.getShieldURL(type), self.getDetailsURL(True))
 	def getEditURL(self):
 		return url_for("packages.create_edit",
 				author=self.author.username, name=self.name)
 	def getSetStateURL(self, state):
 		if type(state) == str:
@ -634,6 +482,54 @@ class Package(db.Model):
 		return url_for("packages.move_to_state",
 				author=self.author.username, name=self.name, state=state.name.lower())
 	def getRemoveURL(self):
 		return url_for("packages.remove",
 				author=self.author.username, name=self.name)
 	def getNewScreenshotURL(self):
 		return url_for("packages.create_screenshot",
 				author=self.author.username, name=self.name)
 	def getEditScreenshotsURL(self):
 		return url_for("packages.screenshots",
 				author=self.author.username, name=self.name)
 	def getCreateReleaseURL(self, **kwargs):
 		return url_for("packages.create_release",
 				author=self.author.username, name=self.name, **kwargs)
 	def getBulkReleaseURL(self):
 		return url_for("packages.bulk_change_release",
 			author=self.author.username, name=self.name)
 	def getUpdateConfigURL(self, action=None):
 		return url_for("packages.update_config",
 			author=self.author.username, name=self.name, action=action)
 	def getSetupReleasesURL(self):
 		return url_for("packages.setup_releases",
 			author=self.author.username, name=self.name)
 	def getDownloadURL(self):
 		return url_for("packages.download",
 				author=self.author.username, name=self.name)
 	def getEditMaintainersURL(self):
 		return url_for("packages.edit_maintainers",
 				author=self.author.username, name=self.name)
 	def getRemoveSelfMaintainerURL(self):
 		return url_for("packages.remove_self_maintainers",
 				author=self.author.username, name=self.name)
 	def getUpdateFromReleaseURL(self):
 		return url_for("packages.update_from_release",
 				author=self.author.username, name=self.name)
 	def getReviewURL(self):
 		return url_for('packages.review',
 				author=self.author.username, name=self.name)
 	def getDownloadRelease(self, version=None):
 		for rel in self.releases:
 			if rel.approved and (version is None or
@ -654,7 +550,6 @@ class Package(db.Model):
 		isOwner = user == self.author
 		isMaintainer = isOwner or user.rank.atLeast(UserRank.EDITOR) or user in self.maintainers
 		isApprover = user.rank.atLeast(UserRank.APPROVER)
 		if perm == Permission.CREATE_THREAD:
 			return user.rank.atLeast(UserRank.MEMBER)
@ -663,33 +558,33 @@ class Package(db.Model):
 		elif perm == Permission.MAKE_RELEASE or perm == Permission.ADD_SCREENSHOTS:
 			return isMaintainer
-		elif perm == Permission.EDIT_PACKAGE:
+		elif perm == Permission.EDIT_PACKAGE or \
 				perm == Permission.APPROVE_CHANGES or perm == Permission.APPROVE_RELEASE:
 			return isMaintainer and user.rank.atLeast(UserRank.MEMBER if self.approved else UserRank.NEW_MEMBER)
 		elif perm == Permission.APPROVE_RELEASE:
 			return (isMaintainer or isApprover) and user.rank.atLeast(UserRank.MEMBER if self.approved else UserRank.NEW_MEMBER)
 		# Anyone can change the package name when not approved, but only editors when approved
 		elif perm == Permission.CHANGE_NAME:
 			return not self.approved or user.rank.atLeast(UserRank.EDITOR)
 		# Editors can change authors and approve new packages
 		elif perm == Permission.APPROVE_NEW or perm == Permission.CHANGE_AUTHOR:
-			return isApprover
+			return user.rank.atLeast(UserRank.EDITOR)
 		elif perm == Permission.APPROVE_SCREENSHOT:
-			return (isMaintainer or isApprover) and \
+			return isMaintainer and user.rank.atLeast(UserRank.TRUSTED_MEMBER if self.approved else UserRank.NEW_MEMBER)
 				user.rank.atLeast(UserRank.TRUSTED_MEMBER if self.approved else UserRank.NEW_MEMBER)
-		elif perm == Permission.EDIT_MAINTAINERS or perm == Permission.DELETE_PACKAGE:
+		elif perm == Permission.EDIT_MAINTAINERS:
-			return isOwner or user.rank.atLeast(UserRank.EDITOR)
+			return isOwner or user.rank.atLeast(UserRank.MODERATOR)
-		elif perm == Permission.UNAPPROVE_PACKAGE:
+		elif perm == Permission.UNAPPROVE_PACKAGE or perm == Permission.DELETE_PACKAGE:
-			return isOwner or user.rank.atLeast(UserRank.APPROVER)
+			return user.rank.atLeast(UserRank.MEMBER if isOwner else UserRank.EDITOR)
 		elif perm == Permission.CHANGE_RELEASE_URL:
 			return user.rank.atLeast(UserRank.MODERATOR)
 		elif perm == Permission.REIMPORT_META:
 			return user.rank.atLeast(UserRank.ADMIN)
 		else:
 			raise Exception("Permission {} is not related to packages".format(perm.name))
@ -715,10 +610,9 @@ class Package(db.Model):
 			return False
 		if state == PackageState.READY_FOR_REVIEW or state == PackageState.APPROVED:
-			if state == PackageState.APPROVED and not self.checkPerm(user, Permission.APPROVE_NEW):
+			requiredPerm = Permission.APPROVE_NEW if state == PackageState.APPROVED else Permission.EDIT_PACKAGE
 				return False
-			if not (self.checkPerm(user, Permission.APPROVE_NEW) or self.checkPerm(user, Permission.EDIT_PACKAGE)):
+			if not self.checkPerm(user, requiredPerm):
 				return False
 			if state == PackageState.APPROVED and  ("Other" in self.license.name or "Other" in self.media_license.name):
@ -730,8 +624,7 @@ class Package(db.Model):
 			needsScreenshot = \
 				(self.type == self.type.GAME or self.type == self.type.TXP) and \
 					self.screenshots.count() == 0
-
+			return self.releases.count() > 0 and not needsScreenshot
 			return self.releases.filter(PackageRelease.task_id.is_(None)).count() > 0 and not needsScreenshot
 		elif state == PackageState.CHANGES_NEEDED:
 			return self.checkPerm(user, Permission.APPROVE_NEW)
@ -770,7 +663,7 @@ class MetaPackage(db.Model):
 	id           = db.Column(db.Integer, primary_key=True)
 	name         = db.Column(db.String(100), unique=True, nullable=False)
 	dependencies = db.relationship("Dependency", back_populates="meta_package", lazy="dynamic")
-	packages     = db.relationship("Package", lazy="dynamic", back_populates="provides", secondary=PackageProvides)
+	packages     = db.relationship("Package", lazy="dynamic", back_populates="provides", secondary=provides)
 	mp_name_valid = db.CheckConstraint("name ~* '^[a-z0-9_]+$'")
@ -847,7 +740,6 @@ class Tag(db.Model):
 	backgroundColor = db.Column(db.String(6), nullable=False)
 	textColor       = db.Column(db.String(6), nullable=False)
 	views           = db.Column(db.Integer, nullable=False, default=0)
 	is_protected    = db.Column(db.Boolean, nullable=False, default=False)
 	packages        = db.relationship("Package", back_populates="tags", secondary=Tags)
@ -862,13 +754,7 @@ class Tag(db.Model):
 	def getAsDictionary(self):
 		description = self.description if self.description != "" else None
-		return {
+		return { "name": self.name, "title": self.title, "description": description }
 			"name": self.name,
 			"title": self.title,
 			"description": description,
 			"is_protected": self.is_protected,
 			"views": self.views,
 		}
 class MinetestRelease(db.Model):
@ -905,10 +791,7 @@ class MinetestRelease(db.Model):
 					return release
 		if protocol_num:
-			# Find the closest matching release
+			return MinetestRelease.query.filter_by(protocol=protocol_num).first()
 			return MinetestRelease.query.order_by(db.desc(MinetestRelease.protocol),
 							db.desc(MinetestRelease.id)) \
 						.filter(MinetestRelease.protocol <= protocol_num).first()
 		return None
@ -936,10 +819,6 @@ class PackageRelease(db.Model):
 	# If the release is approved, then the task_id must be null and the url must be present
 	CK_approval_valid = db.CheckConstraint("not approved OR (task_id IS NULL AND (url = '') IS NOT FALSE)")
 	@property
 	def file_path(self):
 		return self.url.replace("/uploads/", app.config["UPLOAD_DIR"])
 	def getAsDictionary(self):
 		return {
 			"id": self.id,
@ -952,19 +831,6 @@ class PackageRelease(db.Model):
 			"max_minetest_version": self.max_rel and self.max_rel.getAsDictionary(),
 		}
 	def getLongAsDictionary(self):
 		return {
 			"id": self.id,
 			"title": self.title,
 			"url": self.url if self.url != "" else None,
 			"release_date": self.releaseDate.isoformat(),
 			"commit": self.commit_hash,
 			"downloads": self.downloads,
 			"min_minetest_version": self.min_rel and self.min_rel.getAsDictionary(),
 			"max_minetest_version": self.max_rel and self.max_rel.getAsDictionary(),
 			"package": self.package.getAsDictionaryKey()
 		}
 	def getEditURL(self):
 		return url_for("packages.edit_release",
 				author=self.package.author.username,
@ -986,11 +852,8 @@ class PackageRelease(db.Model):
 	def __init__(self):
 		self.releaseDate = datetime.datetime.now()
 	def getDownloadFileName(self):
 		return f"{self.package.name}_{self.id}.zip"
 	def approve(self, user):
-		if not self.checkPerm(user, Permission.APPROVE_RELEASE):
+		if not self.package.checkPerm(user, Permission.APPROVE_RELEASE):
 			return False
 		if self.approved:
@ -1015,35 +878,29 @@ class PackageRelease(db.Model):
 		elif type(perm) != Permission:
 			raise Exception("Unknown permission given to PackageRelease.checkPerm()")
-		isMaintainer = user == self.package.author or user in self.package.maintainers
+		isOwner = user == self.package.author
 		if perm == Permission.DELETE_RELEASE:
 			if user.rank.atLeast(UserRank.ADMIN):
 				return True
-			if not (isMaintainer or user.rank.atLeast(UserRank.EDITOR)):
+			if not (isOwner or user.rank.atLeast(UserRank.EDITOR)):
 				return False
 			if not self.package.approved or self.task_id is not None:
 				return True
-			count = self.package.releases \
+			count = PackageRelease.query \
 					.filter_by(package_id=self.package_id) \
 					.filter(PackageRelease.id > self.id) \
 					.count()
 			return count > 0
 		elif perm == Permission.APPROVE_RELEASE:
 			return user.rank.atLeast(UserRank.APPROVER) or \
 					(isMaintainer and user.rank.atLeast(
 						UserRank.MEMBER if self.approved else UserRank.NEW_MEMBER))
 		else:
 			raise Exception("Permission {} is not related to releases".format(perm.name))
 class PackageScreenshot(db.Model):
 	HARD_MIN_SIZE = (920, 517)
 	SOFT_MIN_SIZE = (1280, 720)
 	id         = db.Column(db.Integer, primary_key=True)
 	package_id = db.Column(db.Integer, db.ForeignKey("package.id"), nullable=False)
@ -1055,22 +912,6 @@ class PackageScreenshot(db.Model):
 	approved   = db.Column(db.Boolean, nullable=False, default=False)
 	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 	width      = db.Column(db.Integer, nullable=False)
 	height     = db.Column(db.Integer, nullable=False)
 	def is_very_small(self):
 		return self.width < 720 or self.height < 405
 	def is_too_small(self):
 		return self.width < PackageScreenshot.HARD_MIN_SIZE[0] or self.height < PackageScreenshot.HARD_MIN_SIZE[1]
 	def is_low_res(self):
 		return self.width < PackageScreenshot.SOFT_MIN_SIZE[0] or self.height < PackageScreenshot.SOFT_MIN_SIZE[1]
 	@property
 	def file_path(self):
 		return self.url.replace("/uploads/", app.config["UPLOAD_DIR"])
 	def getEditURL(self):
 		return url_for("packages.edit_screenshot",
 				author=self.package.author.username,
@ -1092,11 +933,8 @@ class PackageScreenshot(db.Model):
 			"order": self.order,
 			"title": self.title,
 			"url": base_url + self.url,
 			"width": self.width,
 			"height": self.height,
 			"approved": self.approved,
 			"created_at": self.created_at.isoformat(),
 			"is_cover_image": self.package.cover_image == self,
 		}
@ -1123,7 +961,7 @@ class PackageUpdateTrigger(enum.Enum):
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == PackageUpdateTrigger else PackageUpdateTrigger[item.upper()]
+		return item if type(item) == PackageUpdateTrigger else PackageUpdateTrigger[item]
 class PackageUpdateConfig(db.Model):
@ -1167,25 +1005,4 @@ class PackageUpdateConfig(db.Model):
 		return self.last_tag or self.last_commit
 	def get_create_release_url(self):
-		return self.package.getURL("packages.create_release", title=self.get_title(), ref=self.get_ref())
+		return self.package.getCreateReleaseURL(title=self.get_title(), ref=self.get_ref())
 class PackageAlias(db.Model):
 	id         = db.Column(db.Integer, primary_key=True)
 	package_id = db.Column(db.Integer, db.ForeignKey("package.id"), nullable=False)
 	package    = db.relationship("Package", back_populates="aliases", foreign_keys=[package_id])
 	author     = db.Column(db.String(50), nullable=False)
 	name      = db.Column(db.String(100), nullable=False)
 	def __init__(self, author="", name=""):
 		self.author = author
 		self.name = name
 	def getEditURL(self):
 		return url_for("packages.alias_create_edit", author=self.package.author.username,
 				name=self.package.name, alias_id=self.id)
 	def getAsDictionary(self):
 		return f"{self.author}/{self.name}"
--- a/app/models/threads.py
+++ b/app/models/threads.py
@ -15,7 +15,6 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 import datetime
 from typing import Tuple, List
 from flask import url_for
@ -23,6 +22,7 @@ from . import db
 from .users import Permission, UserRank
 from .packages import Package
 watchers = db.Table("watchers",
 	db.Column("user_id", db.Integer, db.ForeignKey("user.id"), primary_key=True),
 	db.Column("thread_id", db.Integer, db.ForeignKey("thread.id"), primary_key=True)
@ -55,19 +55,8 @@ class Thread(db.Model):
 	watchers   = db.relationship("User", secondary=watchers, backref="watching")
-	def get_description(self):
+	def getViewURL(self):
-		comment = self.replies[0].comment.replace("\r\n", " ").replace("\n", " ").replace("  ", " ")
+		return url_for("threads.view", id=self.id, _external=False)
 		if len(comment) > 100:
 			return comment[:97] + "..."
 		else:
 			return comment
 	def getViewURL(self, absolute=False):
 		if absolute:
 			from ..utils import abs_url_for
 			return abs_url_for("threads.view", id=self.id)
 		else:
 			return url_for("threads.view", id=self.id, _external=False)
 	def getSubscribeURL(self):
 		return url_for("threads.subscribe", id=self.id)
@ -88,7 +77,7 @@ class Thread(db.Model):
 		if self.package:
 			isMaintainer = isMaintainer or user in self.package.maintainers
-		canSee = not self.private or isMaintainer or user.rank.atLeast(UserRank.APPROVER)
+		canSee = not self.private or isMaintainer or user.rank.atLeast(UserRank.EDITOR)
 		if perm == Permission.SEE_THREAD:
 			return canSee
@ -96,14 +85,9 @@ class Thread(db.Model):
 		elif perm == Permission.COMMENT_THREAD:
 			return canSee and (not self.locked or user.rank.atLeast(UserRank.MODERATOR))
-		elif perm == Permission.LOCK_THREAD:
+		elif perm == Permission.LOCK_THREAD or perm == Permission.DELETE_THREAD:
 			return user.rank.atLeast(UserRank.MODERATOR)
 		elif perm == Permission.DELETE_THREAD:
 			from app.utils.models import get_system_user
 			return (self.author == get_system_user() and self.package and
 					user in self.package.maintainers) or user.rank.atLeast(UserRank.MODERATOR)
 		else:
 			raise Exception("Permission {} is not related to threads".format(perm.name))
@ -124,9 +108,6 @@ class ThreadReply(db.Model):
 	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 	def get_url(self):
 		return url_for('threads.view', id=self.thread.id) + "#reply-" + str(self.id)
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
 			return False
@ -137,7 +118,7 @@ class ThreadReply(db.Model):
 			raise Exception("Unknown permission given to ThreadReply.checkPerm()")
 		if perm == Permission.EDIT_REPLY:
-			return user.rank.atLeast(UserRank.MEMBER if user == self.author else UserRank.MODERATOR) and not self.thread.locked
+			return user == self.author and user.rank.atLeast(UserRank.MEMBER) and not self.thread.locked
 		elif perm == Permission.DELETE_REPLY:
 			return user.rank.atLeast(UserRank.MODERATOR) and self.thread.replies[0] != self
@ -160,81 +141,14 @@ class PackageReview(db.Model):
 	recommends = db.Column(db.Boolean, nullable=False)
 	thread     = db.relationship("Thread", uselist=False, back_populates="review")
 	votes      = db.relationship("PackageReviewVote", back_populates="review", cascade="all, delete, delete-orphan")
 	score      = db.Column(db.Integer, nullable=False, default=1)
 	def get_totals(self, current_user = None) -> Tuple[int,int,bool]:
 		votes: List[PackageReviewVote] = self.votes
 		pos = sum([ 1 for vote in votes if vote.is_positive ])
 		neg = sum([ 1 for vote in votes if not vote.is_positive])
 		user_vote = next(filter(lambda vote: vote.user == current_user, votes), None)
 		return pos, neg, user_vote.is_positive if user_vote else None
 	def getAsDictionary(self, include_package=False):
 		pos, neg, _user = self.get_totals()
 		ret = {
 			"is_positive": self.recommends,
 			"user": {
 				"username": self.author.username,
 				"display_name": self.author.display_name,
 			},
 			"created_at": self.created_at.isoformat(),
 			"votes": {
 				"helpful": pos,
 				"unhelpful": neg,
 			},
 			"title": self.thread.title,
 			"comment": self.thread.replies[0].comment,
 		}
 		if include_package:
 			ret["package"] = self.package.getAsDictionaryKey()
 		return ret
 	def asSign(self):
 		return 1 if self.recommends else -1
 	def getEditURL(self):
-		return self.package.getURL("packages.review")
+		return self.package.getReviewURL()
 	def getDeleteURL(self):
 		return url_for("packages.delete_review",
 				author=self.package.author.username,
-				name=self.package.name,
+				name=self.package.name)
 				reviewer=self.author.username)
 	def getVoteUrl(self, next_url=None):
 		return url_for("packages.review_vote",
 				author=self.package.author.username,
 				name=self.package.name,
 				review_id=self.id,
 				r=next_url)
 	def update_score(self):
 		(pos, neg, _) = self.get_totals()
 		self.score = 3 * (pos - neg) + 1
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
 			return False
 		if type(perm) == str:
 			perm = Permission[perm]
 		elif type(perm) != Permission:
 			raise Exception("Unknown permission given to PackageReview.checkPerm()")
 		if perm == Permission.DELETE_REVIEW:
 			return user == self.author or user.rank.atLeast(UserRank.MODERATOR)
 		else:
 			raise Exception("Permission {} is not related to reviews".format(perm.name))
 class PackageReviewVote(db.Model):
 	review_id = db.Column(db.Integer, db.ForeignKey("package_review.id"), primary_key=True)
 	review = db.relationship("PackageReview", foreign_keys=[review_id], back_populates="votes")
 	user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
 	user = db.relationship("User", foreign_keys=[user_id], back_populates="review_votes")
 	is_positive = db.Column(db.Boolean, nullable=False)
 	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
--- a/app/models/users.py
+++ b/app/models/users.py
@ -31,11 +31,10 @@ class UserRank(enum.Enum):
 	NEW_MEMBER     = 2
 	MEMBER         = 3
 	TRUSTED_MEMBER = 4
-	APPROVER       = 5
+	EDITOR         = 5
-	EDITOR         = 6
+	BOT            = 6
-	BOT            = 7
+	MODERATOR      = 7
-	MODERATOR      = 8
+	ADMIN          = 8
 	ADMIN          = 9
 	def atLeast(self, min):
 		return self.value >= min.value
@ -55,17 +54,19 @@ class UserRank(enum.Enum):
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == UserRank else UserRank[item.upper()]
+		return item if type(item) == UserRank else UserRank[item]
 class Permission(enum.Enum):
 	EDIT_PACKAGE       = "EDIT_PACKAGE"
 	APPROVE_CHANGES    = "APPROVE_CHANGES"
 	DELETE_PACKAGE     = "DELETE_PACKAGE"
 	CHANGE_AUTHOR      = "CHANGE_AUTHOR"
 	CHANGE_NAME        = "CHANGE_NAME"
 	MAKE_RELEASE       = "MAKE_RELEASE"
 	DELETE_RELEASE     = "DELETE_RELEASE"
 	ADD_SCREENSHOTS    = "ADD_SCREENSHOTS"
 	REIMPORT_META      = "REIMPORT_META"
 	APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
 	APPROVE_RELEASE    = "APPROVE_RELEASE"
 	APPROVE_NEW        = "APPROVE_NEW"
@ -86,9 +87,7 @@ class Permission(enum.Enum):
 	TOPIC_DISCARD      = "TOPIC_DISCARD"
 	CREATE_TOKEN       = "CREATE_TOKEN"
 	EDIT_MAINTAINERS   = "EDIT_MAINTAINERS"
 	DELETE_REVIEW      = "DELETE_REVIEW"
 	CHANGE_PROFILE_URLS = "CHANGE_PROFILE_URLS"
 	CHANGE_DISPLAY_NAME = "CHANGE_DISPLAY_NAME"
 	# Only return true if the permission is valid for *all* contexts
 	# See Package.checkPerm for package-specific contexts
@ -97,14 +96,13 @@ class Permission(enum.Enum):
 			return False
 		if self == Permission.APPROVE_NEW or \
 				self == Permission.APPROVE_CHANGES    or \
 				self == Permission.APPROVE_RELEASE    or \
 				self == Permission.APPROVE_SCREENSHOT or \
 				self == Permission.EDIT_TAGS or \
 				self == Permission.CREATE_TAG or \
 				self == Permission.SEE_THREAD:
 			return user.rank.atLeast(UserRank.APPROVER)
 		elif self == Permission.EDIT_TAGS or self == Permission.CREATE_TAG:
 			return user.rank.atLeast(UserRank.EDITOR)
 		else:
 			raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
@ -125,8 +123,6 @@ def display_name_default(context):
 class User(db.Model, UserMixin):
 	id           = db.Column(db.Integer, primary_key=True)
 	created_at = db.Column(db.DateTime, nullable=True, default=datetime.datetime.utcnow)
 	# User authentication information
 	username     = db.Column(db.String(50, collation="NOCASE"), nullable=False, unique=True, index=True)
 	password     = db.Column(db.String(255), nullable=True, server_default=None)
@ -146,9 +142,7 @@ class User(db.Model, UserMixin):
 	# User email information
 	email         = db.Column(db.String(255), nullable=True, unique=True)
-	email_confirmed_at  = db.Column(db.DateTime(), nullable=True, server_default=None)
+	email_confirmed_at  = db.Column(db.DateTime(), nullable=True)
 	locale = db.Column(db.String(10), nullable=True, default=None)
 	# User information
 	profile_pic   = db.Column(db.String(255), nullable=True, server_default=None)
@ -177,14 +171,13 @@ class User(db.Model, UserMixin):
 	packages      = db.relationship("Package", back_populates="author", lazy="dynamic", order_by=db.asc("package_title"))
 	reviews       = db.relationship("PackageReview", back_populates="author", order_by=db.desc("package_review_created_at"), cascade="all, delete, delete-orphan")
 	review_votes  = db.relationship("PackageReviewVote", back_populates="user", cascade="all, delete, delete-orphan")
 	tokens        = db.relationship("APIToken", back_populates="owner", lazy="dynamic", cascade="all, delete, delete-orphan")
 	threads       = db.relationship("Thread", back_populates="author", lazy="dynamic", cascade="all, delete, delete-orphan")
-	replies       = db.relationship("ThreadReply", back_populates="author", lazy="dynamic", cascade="all, delete, delete-orphan", order_by=db.desc("created_at"))
+	replies       = db.relationship("ThreadReply", back_populates="author", lazy="dynamic", cascade="all, delete, delete-orphan")
 	forum_topics  = db.relationship("ForumTopic", back_populates="author", lazy="dynamic", cascade="all, delete, delete-orphan")
 	def __init__(self, username=None, active=False, email=None, password=None):
 		self.username = username
 		self.email_confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
 		self.display_name = username
 		self.is_active = active
 		self.email = email
@ -193,7 +186,8 @@ class User(db.Model, UserMixin):
 	def canAccessTodoList(self):
 		return Permission.APPROVE_NEW.check(self) or \
-				Permission.APPROVE_RELEASE.check(self)
+				Permission.APPROVE_RELEASE.check(self) or \
 				Permission.APPROVE_CHANGES.check(self)
 	def isClaimed(self):
 		return self.rank.atLeast(UserRank.NEW_MEMBER)
@ -204,7 +198,7 @@ class User(db.Model, UserMixin):
 		elif self.rank == UserRank.BOT:
 			return "/static/bot_avatar.png"
 		else:
-			return gravatar(self.email or f"{self.username}@content.minetest.net")
+			return gravatar(self.email or "")
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
@ -218,14 +212,10 @@ class User(db.Model, UserMixin):
 		# Members can edit their own packages, and editors can edit any packages
 		if perm == Permission.CHANGE_AUTHOR:
 			return user.rank.atLeast(UserRank.EDITOR)
-		elif perm == Permission.CHANGE_USERNAMES:
+		elif perm == Permission.CHANGE_RANK or perm == Permission.CHANGE_USERNAMES:
 			return user.rank.atLeast(UserRank.MODERATOR)
 		elif perm == Permission.CHANGE_RANK:
 			return user.rank.atLeast(UserRank.MODERATOR) and not self.rank.atLeast(user.rank)
 		elif perm == Permission.CHANGE_EMAIL or perm == Permission.CHANGE_PROFILE_URLS:
-			return user == self or (user.rank.atLeast(UserRank.MODERATOR) and not self.rank.atLeast(user.rank))
+			return user == self or user.rank.atLeast(UserRank.ADMIN)
 		elif perm == Permission.CHANGE_DISPLAY_NAME:
 			return user.rank.atLeast(UserRank.MEMBER if user == self else UserRank.MODERATOR)
 		elif perm == Permission.CREATE_TOKEN:
 			if user == self:
 				return user.rank.atLeast(UserRank.MEMBER)
@ -295,7 +285,6 @@ class UserEmailVerification(db.Model):
 	token   = db.Column(db.String(32), nullable=True)
 	user    = db.relationship("User", foreign_keys=[user_id], back_populates="email_verifications")
 	is_password_reset = db.Column(db.Boolean, nullable=False, default=False)
 	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 class EmailSubscription(db.Model):
@ -384,7 +373,7 @@ class NotificationType(enum.Enum):
 	@classmethod
 	def coerce(cls, item):
-		return item if type(item) == NotificationType else NotificationType[item.upper()]
+		return item if type(item) == NotificationType else NotificationType[item]
 class Notification(db.Model):
--- a/app/public/static/bootstrap.css
+++ b/app/public/static/bootstrap.css
--- a/app/public/static/bootstrap.min.js
+++ b/app/public/static/bootstrap.min.js
--- a/app/public/static/bot_avatar.png
+++ b/app/public/static/bot_avatar.png
--- a/app/public/static/contentdb_flag_blacklist.png
+++ b/app/public/static/contentdb_flag_blacklist.png
--- a/app/public/static/easymde.min.css
+++ b/app/public/static/easymde.min.css
--- a/app/public/static/easymde.min.js
+++ b/app/public/static/easymde.min.js
--- a/app/public/static/gamejam.png
+++ b/app/public/static/gamejam.png
--- a/app/public/static/images/ui-bg_glass_20_555555_1x400.png
+++ b/app/public/static/images/ui-bg_glass_20_555555_1x400.png
--- a/app/public/static/images/ui-bg_glass_40_0078a3_1x400.png
+++ b/app/public/static/images/ui-bg_glass_40_0078a3_1x400.png
--- a/app/public/static/images/ui-bg_glass_40_ffc73d_1x400.png
+++ b/app/public/static/images/ui-bg_glass_40_ffc73d_1x400.png
--- a/app/public/static/images/ui-bg_gloss-wave_25_333333_500x100.png
+++ b/app/public/static/images/ui-bg_gloss-wave_25_333333_500x100.png
--- a/app/public/static/images/ui-bg_highlight-soft_80_eeeeee_1x100.png
+++ b/app/public/static/images/ui-bg_highlight-soft_80_eeeeee_1x100.png
--- a/app/public/static/images/ui-bg_inset-soft_25_000000_1x100.png
+++ b/app/public/static/images/ui-bg_inset-soft_25_000000_1x100.png
--- a/app/public/static/images/ui-bg_inset-soft_30_f58400_1x100.png
+++ b/app/public/static/images/ui-bg_inset-soft_30_f58400_1x100.png
--- a/app/public/static/images/ui-icons_222222_256x240.png
+++ b/app/public/static/images/ui-icons_222222_256x240.png
--- a/app/public/static/images/ui-icons_4b8e0b_256x240.png
+++ b/app/public/static/images/ui-icons_4b8e0b_256x240.png
--- a/app/public/static/images/ui-icons_a83300_256x240.png
+++ b/app/public/static/images/ui-icons_a83300_256x240.png
--- a/app/public/static/images/ui-icons_cccccc_256x240.png
+++ b/app/public/static/images/ui-icons_cccccc_256x240.png
--- a/app/public/static/images/ui-icons_ffffff_256x240.png
+++ b/app/public/static/images/ui-icons_ffffff_256x240.png
--- a/app/public/static/jquery-ui.min.css
+++ b/app/public/static/jquery-ui.min.css
--- a/app/public/static/jquery-ui.min.js
+++ b/app/public/static/jquery-ui.min.js
--- a/app/public/static/jquery.min.js
+++ b/app/public/static/jquery.min.js
--- a/app/public/static/libs/bootstrap.min.css
+++ b/app/public/static/libs/bootstrap.min.css
--- a/app/public/static/libs/bootstrap.min.js
+++ b/app/public/static/libs/bootstrap.min.js
--- a/app/public/static/libs/easymde.min.css
+++ b/app/public/static/libs/easymde.min.css
--- a/app/public/static/libs/easymde.min.js
+++ b/app/public/static/libs/easymde.min.js
--- a/app/public/static/libs/images/ui-icons_00498f_256x240.png
+++ b/app/public/static/libs/images/ui-icons_00498f_256x240.png
--- a/app/public/static/libs/images/ui-icons_98d2fb_256x240.png
+++ b/app/public/static/libs/images/ui-icons_98d2fb_256x240.png
--- a/app/public/static/libs/images/ui-icons_9ccdfc_256x240.png
+++ b/app/public/static/libs/images/ui-icons_9ccdfc_256x240.png
--- a/app/public/static/libs/images/ui-icons_ffffff_256x240.png
+++ b/app/public/static/libs/images/ui-icons_ffffff_256x240.png
--- a/app/public/static/libs/jquery-ui.min.css
+++ b/app/public/static/libs/jquery-ui.min.css
--- a/app/public/static/libs/jquery-ui.min.js
+++ b/app/public/static/libs/jquery-ui.min.js
--- a/app/public/static/libs/jquery.min.js
+++ b/app/public/static/libs/jquery.min.js
--- a/app/public/static/libs/url.min.js
+++ b/app/public/static/libs/url.min.js
@ -1,117 +0,0 @@
 /*! URI.js v1.19.5 http://medialize.github.io/URI.js/ */
 /* build contains: IPv6.js, punycode.js, SecondLevelDomains.js, URI.js */
 /*
 URI.js - Mutating URLs
 IPv6 Support
 Version: 1.19.5
 Author: Rodney Rehm
 Web: http://medialize.github.io/URI.js/
 Licensed under
   MIT License http://www.opensource.org/licenses/mit-license
 https://mths.be/punycode v1.4.0 by @mathias  URI.js - Mutating URLs
 Second Level Domain (SLD) Support
 Version: 1.19.5
 Author: Rodney Rehm
 Web: http://medialize.github.io/URI.js/
 Licensed under
   MIT License http://www.opensource.org/licenses/mit-license
 URI.js - Mutating URLs
 Version: 1.19.5
 Author: Rodney Rehm
 Web: http://medialize.github.io/URI.js/
 Licensed under
   MIT License http://www.opensource.org/licenses/mit-license
 */
 (function(t,w){"object"===typeof module&&module.exports?module.exports=w():"function"===typeof define&&define.amd?define(w):t.IPv6=w(t)})(this,function(t){var w=t&&t.IPv6;return{best:function(n){n=n.toLowerCase().split(":");var k=n.length,d=8;""===n[0]&&""===n[1]&&""===n[2]?(n.shift(),n.shift()):""===n[0]&&""===n[1]?n.shift():""===n[k-1]&&""===n[k-2]&&n.pop();k=n.length;-1!==n[k-1].indexOf(".")&&(d=7);var m;for(m=0;m<k&&""!==n[m];m++);if(m<d)for(n.splice(m,1,"0000");n.length<d;)n.splice(m,0,"0000");
 for(m=0;m<d;m++){k=n[m].split("");for(var x=0;3>x;x++)if("0"===k[0]&&1<k.length)k.splice(0,1);else break;n[m]=k.join("")}k=-1;var v=x=0,J=-1,E=!1;for(m=0;m<d;m++)E?"0"===n[m]?v+=1:(E=!1,v>x&&(k=J,x=v)):"0"===n[m]&&(E=!0,J=m,v=1);v>x&&(k=J,x=v);1<x&&n.splice(k,x,"");k=n.length;d="";""===n[0]&&(d=":");for(m=0;m<k;m++){d+=n[m];if(m===k-1)break;d+=":"}""===n[k-1]&&(d+=":");return d},noConflict:function(){t.IPv6===this&&(t.IPv6=w);return this}}});
 (function(t){function w(l){throw new RangeError(O[l]);}function n(l,p){for(var u=l.length,q=[];u--;)q[u]=p(l[u]);return q}function k(l,p){var u=l.split("@"),q="";1<u.length&&(q=u[0]+"@",l=u[1]);l=l.replace(L,".");u=l.split(".");u=n(u,p).join(".");return q+u}function d(l){for(var p=[],u=0,q=l.length,z,C;u<q;)z=l.charCodeAt(u++),55296<=z&&56319>=z&&u<q?(C=l.charCodeAt(u++),56320==(C&64512)?p.push(((z&1023)<<10)+(C&1023)+65536):(p.push(z),u--)):p.push(z);return p}function m(l){return n(l,function(p){var u=
 "";65535<p&&(p-=65536,u+=g(p>>>10&1023|55296),p=56320|p&1023);return u+=g(p)}).join("")}function x(l,p,u){var q=0;l=u?F(l/700):l>>1;for(l+=F(l/p);455<l;q+=36)l=F(l/35);return F(q+36*l/(l+38))}function v(l){var p=[],u=l.length,q=0,z=128,C=72,a,b;var c=l.lastIndexOf("-");0>c&&(c=0);for(a=0;a<c;++a)128<=l.charCodeAt(a)&&w("not-basic"),p.push(l.charCodeAt(a));for(c=0<c?c+1:0;c<u;){a=q;var e=1;for(b=36;;b+=36){c>=u&&w("invalid-input");var f=l.charCodeAt(c++);f=10>f-48?f-22:26>f-65?f-65:26>f-97?f-97:36;
 (36<=f||f>F((2147483647-q)/e))&&w("overflow");q+=f*e;var h=b<=C?1:b>=C+26?26:b-C;if(f<h)break;f=36-h;e>F(2147483647/f)&&w("overflow");e*=f}e=p.length+1;C=x(q-a,e,0==a);F(q/e)>2147483647-z&&w("overflow");z+=F(q/e);q%=e;p.splice(q++,0,z)}return m(p)}function J(l){var p,u,q,z=[];l=d(l);var C=l.length;var a=128;var b=0;var c=72;for(q=0;q<C;++q){var e=l[q];128>e&&z.push(g(e))}for((p=u=z.length)&&z.push("-");p<C;){var f=2147483647;for(q=0;q<C;++q)e=l[q],e>=a&&e<f&&(f=e);var h=p+1;f-a>F((2147483647-b)/h)&&
 w("overflow");b+=(f-a)*h;a=f;for(q=0;q<C;++q)if(e=l[q],e<a&&2147483647<++b&&w("overflow"),e==a){var r=b;for(f=36;;f+=36){e=f<=c?1:f>=c+26?26:f-c;if(r<e)break;var y=r-e;r=36-e;var A=z;e+=y%r;A.push.call(A,g(e+22+75*(26>e)-0));r=F(y/r)}z.push(g(r+22+75*(26>r)-0));c=x(b,h,p==u);b=0;++p}++b;++a}return z.join("")}var E="object"==typeof exports&&exports&&!exports.nodeType&&exports,M="object"==typeof module&&module&&!module.nodeType&&module,H="object"==typeof global&&global;if(H.global===H||H.window===H||
 H.self===H)t=H;var P=/^xn--/,N=/[^\x20-\x7E]/,L=/[\x2E\u3002\uFF0E\uFF61]/g,O={overflow:"Overflow: input needs wider integers to process","not-basic":"Illegal input >= 0x80 (not a basic code point)","invalid-input":"Invalid input"},F=Math.floor,g=String.fromCharCode,B;var D={version:"1.3.2",ucs2:{decode:d,encode:m},decode:v,encode:J,toASCII:function(l){return k(l,function(p){return N.test(p)?"xn--"+J(p):p})},toUnicode:function(l){return k(l,function(p){return P.test(p)?v(p.slice(4).toLowerCase()):
 p})}};if("function"==typeof define&&"object"==typeof define.amd&&define.amd)define("punycode",function(){return D});else if(E&&M)if(module.exports==E)M.exports=D;else for(B in D)D.hasOwnProperty(B)&&(E[B]=D[B]);else t.punycode=D})(this);
 (function(t,w){"object"===typeof module&&module.exports?module.exports=w():"function"===typeof define&&define.amd?define(w):t.SecondLevelDomains=w(t)})(this,function(t){var w=t&&t.SecondLevelDomains,n={list:{ac:" com gov mil net org ",ae:" ac co gov mil name net org pro sch ",af:" com edu gov net org ",al:" com edu gov mil net org ",ao:" co ed gv it og pb ",ar:" com edu gob gov int mil net org tur ",at:" ac co gv or ",au:" asn com csiro edu gov id net org ",ba:" co com edu gov mil net org rs unbi unmo unsa untz unze ",
 bb:" biz co com edu gov info net org store tv ",bh:" biz cc com edu gov info net org ",bn:" com edu gov net org ",bo:" com edu gob gov int mil net org tv ",br:" adm adv agr am arq art ato b bio blog bmd cim cng cnt com coop ecn edu eng esp etc eti far flog fm fnd fot fst g12 ggf gov imb ind inf jor jus lel mat med mil mus net nom not ntr odo org ppg pro psc psi qsl rec slg srv tmp trd tur tv vet vlog wiki zlg ",bs:" com edu gov net org ",bz:" du et om ov rg ",ca:" ab bc mb nb nf nl ns nt nu on pe qc sk yk ",
 ck:" biz co edu gen gov info net org ",cn:" ac ah bj com cq edu fj gd gov gs gx gz ha hb he hi hl hn jl js jx ln mil net nm nx org qh sc sd sh sn sx tj tw xj xz yn zj ",co:" com edu gov mil net nom org ",cr:" ac c co ed fi go or sa ",cy:" ac biz com ekloges gov ltd name net org parliament press pro tm ","do":" art com edu gob gov mil net org sld web ",dz:" art asso com edu gov net org pol ",ec:" com edu fin gov info med mil net org pro ",eg:" com edu eun gov mil name net org sci ",er:" com edu gov ind mil net org rochest w ",
 es:" com edu gob nom org ",et:" biz com edu gov info name net org ",fj:" ac biz com info mil name net org pro ",fk:" ac co gov net nom org ",fr:" asso com f gouv nom prd presse tm ",gg:" co net org ",gh:" com edu gov mil org ",gn:" ac com gov net org ",gr:" com edu gov mil net org ",gt:" com edu gob ind mil net org ",gu:" com edu gov net org ",hk:" com edu gov idv net org ",hu:" 2000 agrar bolt casino city co erotica erotika film forum games hotel info ingatlan jogasz konyvelo lakas media news org priv reklam sex shop sport suli szex tm tozsde utazas video ",
 id:" ac co go mil net or sch web ",il:" ac co gov idf k12 muni net org ","in":" ac co edu ernet firm gen gov i ind mil net nic org res ",iq:" com edu gov i mil net org ",ir:" ac co dnssec gov i id net org sch ",it:" edu gov ",je:" co net org ",jo:" com edu gov mil name net org sch ",jp:" ac ad co ed go gr lg ne or ",ke:" ac co go info me mobi ne or sc ",kh:" com edu gov mil net org per ",ki:" biz com de edu gov info mob net org tel ",km:" asso com coop edu gouv k medecin mil nom notaires pharmaciens presse tm veterinaire ",
 kn:" edu gov net org ",kr:" ac busan chungbuk chungnam co daegu daejeon es gangwon go gwangju gyeongbuk gyeonggi gyeongnam hs incheon jeju jeonbuk jeonnam k kg mil ms ne or pe re sc seoul ulsan ",kw:" com edu gov net org ",ky:" com edu gov net org ",kz:" com edu gov mil net org ",lb:" com edu gov net org ",lk:" assn com edu gov grp hotel int ltd net ngo org sch soc web ",lr:" com edu gov net org ",lv:" asn com conf edu gov id mil net org ",ly:" com edu gov id med net org plc sch ",ma:" ac co gov m net org press ",
 mc:" asso tm ",me:" ac co edu gov its net org priv ",mg:" com edu gov mil nom org prd tm ",mk:" com edu gov inf name net org pro ",ml:" com edu gov net org presse ",mn:" edu gov org ",mo:" com edu gov net org ",mt:" com edu gov net org ",mv:" aero biz com coop edu gov info int mil museum name net org pro ",mw:" ac co com coop edu gov int museum net org ",mx:" com edu gob net org ",my:" com edu gov mil name net org sch ",nf:" arts com firm info net other per rec store web ",ng:" biz com edu gov mil mobi name net org sch ",
 ni:" ac co com edu gob mil net nom org ",np:" com edu gov mil net org ",nr:" biz com edu gov info net org ",om:" ac biz co com edu gov med mil museum net org pro sch ",pe:" com edu gob mil net nom org sld ",ph:" com edu gov i mil net ngo org ",pk:" biz com edu fam gob gok gon gop gos gov net org web ",pl:" art bialystok biz com edu gda gdansk gorzow gov info katowice krakow lodz lublin mil net ngo olsztyn org poznan pwr radom slupsk szczecin torun warszawa waw wroc wroclaw zgora ",pr:" ac biz com edu est gov info isla name net org pro prof ",
 ps:" com edu gov net org plo sec ",pw:" belau co ed go ne or ",ro:" arts com firm info nom nt org rec store tm www ",rs:" ac co edu gov in org ",sb:" com edu gov net org ",sc:" com edu gov net org ",sh:" co com edu gov net nom org ",sl:" com edu gov net org ",st:" co com consulado edu embaixada gov mil net org principe saotome store ",sv:" com edu gob org red ",sz:" ac co org ",tr:" av bbs bel biz com dr edu gen gov info k12 name net org pol tel tsk tv web ",tt:" aero biz cat co com coop edu gov info int jobs mil mobi museum name net org pro tel travel ",
 tw:" club com ebiz edu game gov idv mil net org ",mu:" ac co com gov net or org ",mz:" ac co edu gov org ",na:" co com ",nz:" ac co cri geek gen govt health iwi maori mil net org parliament school ",pa:" abo ac com edu gob ing med net nom org sld ",pt:" com edu gov int net nome org publ ",py:" com edu gov mil net org ",qa:" com edu gov mil net org ",re:" asso com nom ",ru:" ac adygeya altai amur arkhangelsk astrakhan bashkiria belgorod bir bryansk buryatia cbg chel chelyabinsk chita chukotka chuvashia com dagestan e-burg edu gov grozny int irkutsk ivanovo izhevsk jar joshkar-ola kalmykia kaluga kamchatka karelia kazan kchr kemerovo khabarovsk khakassia khv kirov koenig komi kostroma kranoyarsk kuban kurgan kursk lipetsk magadan mari mari-el marine mil mordovia mosreg msk murmansk nalchik net nnov nov novosibirsk nsk omsk orenburg org oryol penza perm pp pskov ptz rnd ryazan sakhalin samara saratov simbirsk smolensk spb stavropol stv surgut tambov tatarstan tom tomsk tsaritsyn tsk tula tuva tver tyumen udm udmurtia ulan-ude vladikavkaz vladimir vladivostok volgograd vologda voronezh vrn vyatka yakutia yamal yekaterinburg yuzhno-sakhalinsk ",
 rw:" ac co com edu gouv gov int mil net ",sa:" com edu gov med net org pub sch ",sd:" com edu gov info med net org tv ",se:" a ac b bd c d e f g h i k l m n o org p parti pp press r s t tm u w x y z ",sg:" com edu gov idn net org per ",sn:" art com edu gouv org perso univ ",sy:" com edu gov mil net news org ",th:" ac co go in mi net or ",tj:" ac biz co com edu go gov info int mil name net nic org test web ",tn:" agrinet com defense edunet ens fin gov ind info intl mincom nat net org perso rnrt rns rnu tourism ",
 tz:" ac co go ne or ",ua:" biz cherkassy chernigov chernovtsy ck cn co com crimea cv dn dnepropetrovsk donetsk dp edu gov if in ivano-frankivsk kh kharkov kherson khmelnitskiy kiev kirovograd km kr ks kv lg lugansk lutsk lviv me mk net nikolaev od odessa org pl poltava pp rovno rv sebastopol sumy te ternopil uzhgorod vinnica vn zaporizhzhe zhitomir zp zt ",ug:" ac co go ne or org sc ",uk:" ac bl british-library co cym gov govt icnet jet lea ltd me mil mod national-library-scotland nel net nhs nic nls org orgn parliament plc police sch scot soc ",
 us:" dni fed isa kids nsn ",uy:" com edu gub mil net org ",ve:" co com edu gob info mil net org web ",vi:" co com k12 net org ",vn:" ac biz com edu gov health info int name net org pro ",ye:" co com gov ltd me net org plc ",yu:" ac co edu gov org ",za:" ac agric alt bourse city co cybernet db edu gov grondar iaccess imt inca landesign law mil net ngo nis nom olivetti org pix school tm web ",zm:" ac co com edu gov net org sch ",com:"ar br cn de eu gb gr hu jpn kr no qc ru sa se uk us uy za ",net:"gb jp se uk ",
 org:"ae",de:"com "},has:function(k){var d=k.lastIndexOf(".");if(0>=d||d>=k.length-1)return!1;var m=k.lastIndexOf(".",d-1);if(0>=m||m>=d-1)return!1;var x=n.list[k.slice(d+1)];return x?0<=x.indexOf(" "+k.slice(m+1,d)+" "):!1},is:function(k){var d=k.lastIndexOf(".");if(0>=d||d>=k.length-1||0<=k.lastIndexOf(".",d-1))return!1;var m=n.list[k.slice(d+1)];return m?0<=m.indexOf(" "+k.slice(0,d)+" "):!1},get:function(k){var d=k.lastIndexOf(".");if(0>=d||d>=k.length-1)return null;var m=k.lastIndexOf(".",d-1);
 if(0>=m||m>=d-1)return null;var x=n.list[k.slice(d+1)];return!x||0>x.indexOf(" "+k.slice(m+1,d)+" ")?null:k.slice(m+1)},noConflict:function(){t.SecondLevelDomains===this&&(t.SecondLevelDomains=w);return this}};return n});
 (function(t,w){"object"===typeof module&&module.exports?module.exports=w(require("./punycode"),require("./IPv6"),require("./SecondLevelDomains")):"function"===typeof define&&define.amd?define(["./punycode","./IPv6","./SecondLevelDomains"],w):t.URI=w(t.punycode,t.IPv6,t.SecondLevelDomains,t)})(this,function(t,w,n,k){function d(a,b){var c=1<=arguments.length,e=2<=arguments.length;if(!(this instanceof d))return c?e?new d(a,b):new d(a):new d;if(void 0===a){if(c)throw new TypeError("undefined is not a valid argument for URI");
 a="undefined"!==typeof location?location.href+"":""}if(null===a&&c)throw new TypeError("null is not a valid argument for URI");this.href(a);return void 0!==b?this.absoluteTo(b):this}function m(a){return a.replace(/([.*+?^=!:${}()|[\]\/\\])/g,"\\$1")}function x(a){return void 0===a?"Undefined":String(Object.prototype.toString.call(a)).slice(8,-1)}function v(a){return"Array"===x(a)}function J(a,b){var c={},e;if("RegExp"===x(b))c=null;else if(v(b)){var f=0;for(e=b.length;f<e;f++)c[b[f]]=!0}else c[b]=
 !0;f=0;for(e=a.length;f<e;f++)if(c&&void 0!==c[a[f]]||!c&&b.test(a[f]))a.splice(f,1),e--,f--;return a}function E(a,b){var c;if(v(b)){var e=0;for(c=b.length;e<c;e++)if(!E(a,b[e]))return!1;return!0}var f=x(b);e=0;for(c=a.length;e<c;e++)if("RegExp"===f){if("string"===typeof a[e]&&a[e].match(b))return!0}else if(a[e]===b)return!0;return!1}function M(a,b){if(!v(a)||!v(b)||a.length!==b.length)return!1;a.sort();b.sort();for(var c=0,e=a.length;c<e;c++)if(a[c]!==b[c])return!1;return!0}function H(a){return a.replace(/^\/+|\/+$/g,
 "")}function P(a){return escape(a)}function N(a){return encodeURIComponent(a).replace(/[!'()*]/g,P).replace(/\*/g,"%2A")}function L(a){return function(b,c){if(void 0===b)return this._parts[a]||"";this._parts[a]=b||null;this.build(!c);return this}}function O(a,b){return function(c,e){if(void 0===c)return this._parts[a]||"";null!==c&&(c+="",c.charAt(0)===b&&(c=c.substring(1)));this._parts[a]=c;this.build(!e);return this}}var F=k&&k.URI;d.version="1.19.5";var g=d.prototype,B=Object.prototype.hasOwnProperty;
 d._parts=function(){return{protocol:null,username:null,password:null,hostname:null,urn:null,port:null,path:null,query:null,fragment:null,preventInvalidHostname:d.preventInvalidHostname,duplicateQueryParameters:d.duplicateQueryParameters,escapeQuerySpace:d.escapeQuerySpace}};d.preventInvalidHostname=!1;d.duplicateQueryParameters=!1;d.escapeQuerySpace=!0;d.protocol_expression=/^[a-z][a-z0-9.+-]*$/i;d.idn_expression=/[^a-z0-9\._-]/i;d.punycode_expression=/(xn--)/i;d.ip4_expression=/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;
 d.ip6_expression=/^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/;
 d.find_uri_expression=/\b((?:[a-z][\w-]+:(?:\/{1,3}|[a-z0-9%])|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}\/)(?:[^\s()<>]+|\(([^\s()<>]+|(\([^\s()<>]+\)))*\))+(?:\(([^\s()<>]+|(\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:'".,<>?\u00ab\u00bb\u201c\u201d\u2018\u2019]))/ig;d.findUri={start:/\b(?:([a-z][a-z0-9.+-]*:\/\/)|www\.)/gi,end:/[\s\r\n]|$/,trim:/[`!()\[\]{};:'".,<>?\u00ab\u00bb\u201c\u201d\u201e\u2018\u2019]+$/,parens:/(\([^\)]*\)|\[[^\]]*\]|\{[^}]*\}|<[^>]*>)/g};d.defaultPorts={http:"80",https:"443",ftp:"21",
 gopher:"70",ws:"80",wss:"443"};d.hostProtocols=["http","https"];d.invalid_hostname_characters=/[^a-zA-Z0-9\.\-:_]/;d.domAttributes={a:"href",blockquote:"cite",link:"href",base:"href",script:"src",form:"action",img:"src",area:"href",iframe:"src",embed:"src",source:"src",track:"src",input:"src",audio:"src",video:"src"};d.getDomAttribute=function(a){if(a&&a.nodeName){var b=a.nodeName.toLowerCase();if("input"!==b||"image"===a.type)return d.domAttributes[b]}};d.encode=N;d.decode=decodeURIComponent;d.iso8859=
 function(){d.encode=escape;d.decode=unescape};d.unicode=function(){d.encode=N;d.decode=decodeURIComponent};d.characters={pathname:{encode:{expression:/%(24|26|2B|2C|3B|3D|3A|40)/ig,map:{"%24":"$","%26":"&","%2B":"+","%2C":",","%3B":";","%3D":"=","%3A":":","%40":"@"}},decode:{expression:/[\/\?#]/g,map:{"/":"%2F","?":"%3F","#":"%23"}}},reserved:{encode:{expression:/%(21|23|24|26|27|28|29|2A|2B|2C|2F|3A|3B|3D|3F|40|5B|5D)/ig,map:{"%3A":":","%2F":"/","%3F":"?","%23":"#","%5B":"[","%5D":"]","%40":"@",
 "%21":"!","%24":"$","%26":"&","%27":"'","%28":"(","%29":")","%2A":"*","%2B":"+","%2C":",","%3B":";","%3D":"="}}},urnpath:{encode:{expression:/%(21|24|27|28|29|2A|2B|2C|3B|3D|40)/ig,map:{"%21":"!","%24":"$","%27":"'","%28":"(","%29":")","%2A":"*","%2B":"+","%2C":",","%3B":";","%3D":"=","%40":"@"}},decode:{expression:/[\/\?#:]/g,map:{"/":"%2F","?":"%3F","#":"%23",":":"%3A"}}}};d.encodeQuery=function(a,b){var c=d.encode(a+"");void 0===b&&(b=d.escapeQuerySpace);return b?c.replace(/%20/g,"+"):c};d.decodeQuery=
 function(a,b){a+="";void 0===b&&(b=d.escapeQuerySpace);try{return d.decode(b?a.replace(/\+/g,"%20"):a)}catch(c){return a}};var D={encode:"encode",decode:"decode"},l,p=function(a,b){return function(c){try{return d[b](c+"").replace(d.characters[a][b].expression,function(e){return d.characters[a][b].map[e]})}catch(e){return c}}};for(l in D)d[l+"PathSegment"]=p("pathname",D[l]),d[l+"UrnPathSegment"]=p("urnpath",D[l]);D=function(a,b,c){return function(e){var f=c?function(y){return d[b](d[c](y))}:d[b];
 e=(e+"").split(a);for(var h=0,r=e.length;h<r;h++)e[h]=f(e[h]);return e.join(a)}};d.decodePath=D("/","decodePathSegment");d.decodeUrnPath=D(":","decodeUrnPathSegment");d.recodePath=D("/","encodePathSegment","decode");d.recodeUrnPath=D(":","encodeUrnPathSegment","decode");d.encodeReserved=p("reserved","encode");d.parse=function(a,b){b||(b={preventInvalidHostname:d.preventInvalidHostname});var c=a.indexOf("#");-1<c&&(b.fragment=a.substring(c+1)||null,a=a.substring(0,c));c=a.indexOf("?");-1<c&&(b.query=
 a.substring(c+1)||null,a=a.substring(0,c));"//"===a.substring(0,2)?(b.protocol=null,a=a.substring(2),a=d.parseAuthority(a,b)):(c=a.indexOf(":"),-1<c&&(b.protocol=a.substring(0,c)||null,b.protocol&&!b.protocol.match(d.protocol_expression)?b.protocol=void 0:"//"===a.substring(c+1,c+3)?(a=a.substring(c+3),a=d.parseAuthority(a,b)):(a=a.substring(c+1),b.urn=!0)));b.path=a;return b};d.parseHost=function(a,b){a||(a="");a=a.replace(/\\/g,"/");var c=a.indexOf("/");-1===c&&(c=a.length);if("["===a.charAt(0)){var e=
 a.indexOf("]");b.hostname=a.substring(1,e)||null;b.port=a.substring(e+2,c)||null;"/"===b.port&&(b.port=null)}else{var f=a.indexOf(":");e=a.indexOf("/");f=a.indexOf(":",f+1);-1!==f&&(-1===e||f<e)?(b.hostname=a.substring(0,c)||null,b.port=null):(e=a.substring(0,c).split(":"),b.hostname=e[0]||null,b.port=e[1]||null)}b.hostname&&"/"!==a.substring(c).charAt(0)&&(c++,a="/"+a);b.preventInvalidHostname&&d.ensureValidHostname(b.hostname,b.protocol);b.port&&d.ensureValidPort(b.port);return a.substring(c)||
 "/"};d.parseAuthority=function(a,b){a=d.parseUserinfo(a,b);return d.parseHost(a,b)};d.parseUserinfo=function(a,b){var c=a;-1!==a.indexOf("\\")&&(a=a.replace(/\\/g,"/"));var e=a.indexOf("/"),f=a.lastIndexOf("@",-1<e?e:a.length-1);-1<f&&(-1===e||f<e)?(e=a.substring(0,f).split(":"),b.username=e[0]?d.decode(e[0]):null,e.shift(),b.password=e[0]?d.decode(e.join(":")):null,a=c.substring(f+1)):(b.username=null,b.password=null);return a};d.parseQuery=function(a,b){if(!a)return{};a=a.replace(/&+/g,"&").replace(/^\?*&*|&+$/g,
 "");if(!a)return{};for(var c={},e=a.split("&"),f=e.length,h,r,y=0;y<f;y++)if(h=e[y].split("="),r=d.decodeQuery(h.shift(),b),h=h.length?d.decodeQuery(h.join("="),b):null,B.call(c,r)){if("string"===typeof c[r]||null===c[r])c[r]=[c[r]];c[r].push(h)}else c[r]=h;return c};d.build=function(a){var b="",c=!1;a.protocol&&(b+=a.protocol+":");a.urn||!b&&!a.hostname||(b+="//",c=!0);b+=d.buildAuthority(a)||"";"string"===typeof a.path&&("/"!==a.path.charAt(0)&&c&&(b+="/"),b+=a.path);"string"===typeof a.query&&
 a.query&&(b+="?"+a.query);"string"===typeof a.fragment&&a.fragment&&(b+="#"+a.fragment);return b};d.buildHost=function(a){var b="";if(a.hostname)b=d.ip6_expression.test(a.hostname)?b+("["+a.hostname+"]"):b+a.hostname;else return"";a.port&&(b+=":"+a.port);return b};d.buildAuthority=function(a){return d.buildUserinfo(a)+d.buildHost(a)};d.buildUserinfo=function(a){var b="";a.username&&(b+=d.encode(a.username));a.password&&(b+=":"+d.encode(a.password));b&&(b+="@");return b};d.buildQuery=function(a,b,
 c){var e="",f,h;for(f in a)if(B.call(a,f))if(v(a[f])){var r={};var y=0;for(h=a[f].length;y<h;y++)void 0!==a[f][y]&&void 0===r[a[f][y]+""]&&(e+="&"+d.buildQueryParameter(f,a[f][y],c),!0!==b&&(r[a[f][y]+""]=!0))}else void 0!==a[f]&&(e+="&"+d.buildQueryParameter(f,a[f],c));return e.substring(1)};d.buildQueryParameter=function(a,b,c){return d.encodeQuery(a,c)+(null!==b?"="+d.encodeQuery(b,c):"")};d.addQuery=function(a,b,c){if("object"===typeof b)for(var e in b)B.call(b,e)&&d.addQuery(a,e,b[e]);else if("string"===
 typeof b)void 0===a[b]?a[b]=c:("string"===typeof a[b]&&(a[b]=[a[b]]),v(c)||(c=[c]),a[b]=(a[b]||[]).concat(c));else throw new TypeError("URI.addQuery() accepts an object, string as the name parameter");};d.setQuery=function(a,b,c){if("object"===typeof b)for(var e in b)B.call(b,e)&&d.setQuery(a,e,b[e]);else if("string"===typeof b)a[b]=void 0===c?null:c;else throw new TypeError("URI.setQuery() accepts an object, string as the name parameter");};d.removeQuery=function(a,b,c){var e;if(v(b))for(c=0,e=b.length;c<
 e;c++)a[b[c]]=void 0;else if("RegExp"===x(b))for(e in a)b.test(e)&&(a[e]=void 0);else if("object"===typeof b)for(e in b)B.call(b,e)&&d.removeQuery(a,e,b[e]);else if("string"===typeof b)void 0!==c?"RegExp"===x(c)?!v(a[b])&&c.test(a[b])?a[b]=void 0:a[b]=J(a[b],c):a[b]!==String(c)||v(c)&&1!==c.length?v(a[b])&&(a[b]=J(a[b],c)):a[b]=void 0:a[b]=void 0;else throw new TypeError("URI.removeQuery() accepts an object, string, RegExp as the first parameter");};d.hasQuery=function(a,b,c,e){switch(x(b)){case "String":break;
 case "RegExp":for(var f in a)if(B.call(a,f)&&b.test(f)&&(void 0===c||d.hasQuery(a,f,c)))return!0;return!1;case "Object":for(var h in b)if(B.call(b,h)&&!d.hasQuery(a,h,b[h]))return!1;return!0;default:throw new TypeError("URI.hasQuery() accepts a string, regular expression or object as the name parameter");}switch(x(c)){case "Undefined":return b in a;case "Boolean":return a=!(v(a[b])?!a[b].length:!a[b]),c===a;case "Function":return!!c(a[b],b,a);case "Array":return v(a[b])?(e?E:M)(a[b],c):!1;case "RegExp":return v(a[b])?
 e?E(a[b],c):!1:!(!a[b]||!a[b].match(c));case "Number":c=String(c);case "String":return v(a[b])?e?E(a[b],c):!1:a[b]===c;default:throw new TypeError("URI.hasQuery() accepts undefined, boolean, string, number, RegExp, Function as the value parameter");}};d.joinPaths=function(){for(var a=[],b=[],c=0,e=0;e<arguments.length;e++){var f=new d(arguments[e]);a.push(f);f=f.segment();for(var h=0;h<f.length;h++)"string"===typeof f[h]&&b.push(f[h]),f[h]&&c++}if(!b.length||!c)return new d("");b=(new d("")).segment(b);
 ""!==a[0].path()&&"/"!==a[0].path().slice(0,1)||b.path("/"+b.path());return b.normalize()};d.commonPath=function(a,b){var c=Math.min(a.length,b.length),e;for(e=0;e<c;e++)if(a.charAt(e)!==b.charAt(e)){e--;break}if(1>e)return a.charAt(0)===b.charAt(0)&&"/"===a.charAt(0)?"/":"";if("/"!==a.charAt(e)||"/"!==b.charAt(e))e=a.substring(0,e).lastIndexOf("/");return a.substring(0,e+1)};d.withinString=function(a,b,c){c||(c={});var e=c.start||d.findUri.start,f=c.end||d.findUri.end,h=c.trim||d.findUri.trim,r=
 c.parens||d.findUri.parens,y=/[a-z0-9-]=["']?$/i;for(e.lastIndex=0;;){var A=e.exec(a);if(!A)break;var K=A.index;if(c.ignoreHtml){var G=a.slice(Math.max(K-3,0),K);if(G&&y.test(G))continue}var I=K+a.slice(K).search(f);G=a.slice(K,I);for(I=-1;;){var Q=r.exec(G);if(!Q)break;I=Math.max(I,Q.index+Q[0].length)}G=-1<I?G.slice(0,I)+G.slice(I).replace(h,""):G.replace(h,"");G.length<=A[0].length||c.ignore&&c.ignore.test(G)||(I=K+G.length,A=b(G,K,I,a),void 0===A?e.lastIndex=I:(A=String(A),a=a.slice(0,K)+A+a.slice(I),
 e.lastIndex=K+A.length))}e.lastIndex=0;return a};d.ensureValidHostname=function(a,b){var c=!!a,e=!1;b&&(e=E(d.hostProtocols,b));if(e&&!c)throw new TypeError("Hostname cannot be empty, if protocol is "+b);if(a&&a.match(d.invalid_hostname_characters)){if(!t)throw new TypeError('Hostname "'+a+'" contains characters other than [A-Z0-9.-:_] and Punycode.js is not available');if(t.toASCII(a).match(d.invalid_hostname_characters))throw new TypeError('Hostname "'+a+'" contains characters other than [A-Z0-9.-:_]');
 }};d.ensureValidPort=function(a){if(a){var b=Number(a);if(!(/^[0-9]+$/.test(b)&&0<b&&65536>b))throw new TypeError('Port "'+a+'" is not a valid port');}};d.noConflict=function(a){if(a)return a={URI:this.noConflict()},k.URITemplate&&"function"===typeof k.URITemplate.noConflict&&(a.URITemplate=k.URITemplate.noConflict()),k.IPv6&&"function"===typeof k.IPv6.noConflict&&(a.IPv6=k.IPv6.noConflict()),k.SecondLevelDomains&&"function"===typeof k.SecondLevelDomains.noConflict&&(a.SecondLevelDomains=k.SecondLevelDomains.noConflict()),
 a;k.URI===this&&(k.URI=F);return this};g.build=function(a){if(!0===a)this._deferred_build=!0;else if(void 0===a||this._deferred_build)this._string=d.build(this._parts),this._deferred_build=!1;return this};g.clone=function(){return new d(this)};g.valueOf=g.toString=function(){return this.build(!1)._string};g.protocol=L("protocol");g.username=L("username");g.password=L("password");g.hostname=L("hostname");g.port=L("port");g.query=O("query","?");g.fragment=O("fragment","#");g.search=function(a,b){var c=
 this.query(a,b);return"string"===typeof c&&c.length?"?"+c:c};g.hash=function(a,b){var c=this.fragment(a,b);return"string"===typeof c&&c.length?"#"+c:c};g.pathname=function(a,b){if(void 0===a||!0===a){var c=this._parts.path||(this._parts.hostname?"/":"");return a?(this._parts.urn?d.decodeUrnPath:d.decodePath)(c):c}this._parts.path=this._parts.urn?a?d.recodeUrnPath(a):"":a?d.recodePath(a):"/";this.build(!b);return this};g.path=g.pathname;g.href=function(a,b){var c;if(void 0===a)return this.toString();
 this._string="";this._parts=d._parts();var e=a instanceof d,f="object"===typeof a&&(a.hostname||a.path||a.pathname);a.nodeName&&(f=d.getDomAttribute(a),a=a[f]||"",f=!1);!e&&f&&void 0!==a.pathname&&(a=a.toString());if("string"===typeof a||a instanceof String)this._parts=d.parse(String(a),this._parts);else if(e||f){e=e?a._parts:a;for(c in e)"query"!==c&&B.call(this._parts,c)&&(this._parts[c]=e[c]);e.query&&this.query(e.query,!1)}else throw new TypeError("invalid input");this.build(!b);return this};
 g.is=function(a){var b=!1,c=!1,e=!1,f=!1,h=!1,r=!1,y=!1,A=!this._parts.urn;this._parts.hostname&&(A=!1,c=d.ip4_expression.test(this._parts.hostname),e=d.ip6_expression.test(this._parts.hostname),b=c||e,h=(f=!b)&&n&&n.has(this._parts.hostname),r=f&&d.idn_expression.test(this._parts.hostname),y=f&&d.punycode_expression.test(this._parts.hostname));switch(a.toLowerCase()){case "relative":return A;case "absolute":return!A;case "domain":case "name":return f;case "sld":return h;case "ip":return b;case "ip4":case "ipv4":case "inet4":return c;
 case "ip6":case "ipv6":case "inet6":return e;case "idn":return r;case "url":return!this._parts.urn;case "urn":return!!this._parts.urn;case "punycode":return y}return null};var u=g.protocol,q=g.port,z=g.hostname;g.protocol=function(a,b){if(a&&(a=a.replace(/:(\/\/)?$/,""),!a.match(d.protocol_expression)))throw new TypeError('Protocol "'+a+"\" contains characters other than [A-Z0-9.+-] or doesn't start with [A-Z]");return u.call(this,a,b)};g.scheme=g.protocol;g.port=function(a,b){if(this._parts.urn)return void 0===
 a?"":this;void 0!==a&&(0===a&&(a=null),a&&(a+="",":"===a.charAt(0)&&(a=a.substring(1)),d.ensureValidPort(a)));return q.call(this,a,b)};g.hostname=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0!==a){var c={preventInvalidHostname:this._parts.preventInvalidHostname};if("/"!==d.parseHost(a,c))throw new TypeError('Hostname "'+a+'" contains characters other than [A-Z0-9.-]');a=c.hostname;this._parts.preventInvalidHostname&&d.ensureValidHostname(a,this._parts.protocol)}return z.call(this,
 a,b)};g.origin=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a){var c=this.protocol();return this.authority()?(c?c+"://":"")+this.authority():""}c=d(a);this.protocol(c.protocol()).authority(c.authority()).build(!b);return this};g.host=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a)return this._parts.hostname?d.buildHost(this._parts):"";if("/"!==d.parseHost(a,this._parts))throw new TypeError('Hostname "'+a+'" contains characters other than [A-Z0-9.-]');
 this.build(!b);return this};g.authority=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a)return this._parts.hostname?d.buildAuthority(this._parts):"";if("/"!==d.parseAuthority(a,this._parts))throw new TypeError('Hostname "'+a+'" contains characters other than [A-Z0-9.-]');this.build(!b);return this};g.userinfo=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a){var c=d.buildUserinfo(this._parts);return c?c.substring(0,c.length-1):c}"@"!==a[a.length-1]&&
 (a+="@");d.parseUserinfo(a,this._parts);this.build(!b);return this};g.resource=function(a,b){if(void 0===a)return this.path()+this.search()+this.hash();var c=d.parse(a);this._parts.path=c.path;this._parts.query=c.query;this._parts.fragment=c.fragment;this.build(!b);return this};g.subdomain=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a){if(!this._parts.hostname||this.is("IP"))return"";var c=this._parts.hostname.length-this.domain().length-1;return this._parts.hostname.substring(0,
 c)||""}c=this._parts.hostname.length-this.domain().length;c=this._parts.hostname.substring(0,c);c=new RegExp("^"+m(c));a&&"."!==a.charAt(a.length-1)&&(a+=".");if(-1!==a.indexOf(":"))throw new TypeError("Domains cannot contain colons");a&&d.ensureValidHostname(a,this._parts.protocol);this._parts.hostname=this._parts.hostname.replace(c,a);this.build(!b);return this};g.domain=function(a,b){if(this._parts.urn)return void 0===a?"":this;"boolean"===typeof a&&(b=a,a=void 0);if(void 0===a){if(!this._parts.hostname||
 this.is("IP"))return"";var c=this._parts.hostname.match(/\./g);if(c&&2>c.length)return this._parts.hostname;c=this._parts.hostname.length-this.tld(b).length-1;c=this._parts.hostname.lastIndexOf(".",c-1)+1;return this._parts.hostname.substring(c)||""}if(!a)throw new TypeError("cannot set domain empty");if(-1!==a.indexOf(":"))throw new TypeError("Domains cannot contain colons");d.ensureValidHostname(a,this._parts.protocol);!this._parts.hostname||this.is("IP")?this._parts.hostname=a:(c=new RegExp(m(this.domain())+
 "$"),this._parts.hostname=this._parts.hostname.replace(c,a));this.build(!b);return this};g.tld=function(a,b){if(this._parts.urn)return void 0===a?"":this;"boolean"===typeof a&&(b=a,a=void 0);if(void 0===a){if(!this._parts.hostname||this.is("IP"))return"";var c=this._parts.hostname.lastIndexOf(".");c=this._parts.hostname.substring(c+1);return!0!==b&&n&&n.list[c.toLowerCase()]?n.get(this._parts.hostname)||c:c}if(a)if(a.match(/[^a-zA-Z0-9-]/))if(n&&n.is(a))c=new RegExp(m(this.tld())+"$"),this._parts.hostname=
 this._parts.hostname.replace(c,a);else throw new TypeError('TLD "'+a+'" contains characters other than [A-Z0-9]');else{if(!this._parts.hostname||this.is("IP"))throw new ReferenceError("cannot set TLD on non-domain host");c=new RegExp(m(this.tld())+"$");this._parts.hostname=this._parts.hostname.replace(c,a)}else throw new TypeError("cannot set TLD empty");this.build(!b);return this};g.directory=function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a||!0===a){if(!this._parts.path&&
 !this._parts.hostname)return"";if("/"===this._parts.path)return"/";var c=this._parts.path.length-this.filename().length-1;c=this._parts.path.substring(0,c)||(this._parts.hostname?"/":"");return a?d.decodePath(c):c}c=this._parts.path.length-this.filename().length;c=this._parts.path.substring(0,c);c=new RegExp("^"+m(c));this.is("relative")||(a||(a="/"),"/"!==a.charAt(0)&&(a="/"+a));a&&"/"!==a.charAt(a.length-1)&&(a+="/");a=d.recodePath(a);this._parts.path=this._parts.path.replace(c,a);this.build(!b);
 return this};g.filename=function(a,b){if(this._parts.urn)return void 0===a?"":this;if("string"!==typeof a){if(!this._parts.path||"/"===this._parts.path)return"";var c=this._parts.path.lastIndexOf("/");c=this._parts.path.substring(c+1);return a?d.decodePathSegment(c):c}c=!1;"/"===a.charAt(0)&&(a=a.substring(1));a.match(/\.?\//)&&(c=!0);var e=new RegExp(m(this.filename())+"$");a=d.recodePath(a);this._parts.path=this._parts.path.replace(e,a);c?this.normalizePath(b):this.build(!b);return this};g.suffix=
 function(a,b){if(this._parts.urn)return void 0===a?"":this;if(void 0===a||!0===a){if(!this._parts.path||"/"===this._parts.path)return"";var c=this.filename(),e=c.lastIndexOf(".");if(-1===e)return"";c=c.substring(e+1);c=/^[a-z0-9%]+$/i.test(c)?c:"";return a?d.decodePathSegment(c):c}"."===a.charAt(0)&&(a=a.substring(1));if(c=this.suffix())e=a?new RegExp(m(c)+"$"):new RegExp(m("."+c)+"$");else{if(!a)return this;this._parts.path+="."+d.recodePath(a)}e&&(a=d.recodePath(a),this._parts.path=this._parts.path.replace(e,
 a));this.build(!b);return this};g.segment=function(a,b,c){var e=this._parts.urn?":":"/",f=this.path(),h="/"===f.substring(0,1);f=f.split(e);void 0!==a&&"number"!==typeof a&&(c=b,b=a,a=void 0);if(void 0!==a&&"number"!==typeof a)throw Error('Bad segment "'+a+'", must be 0-based integer');h&&f.shift();0>a&&(a=Math.max(f.length+a,0));if(void 0===b)return void 0===a?f:f[a];if(null===a||void 0===f[a])if(v(b)){f=[];a=0;for(var r=b.length;a<r;a++)if(b[a].length||f.length&&f[f.length-1].length)f.length&&!f[f.length-
 1].length&&f.pop(),f.push(H(b[a]))}else{if(b||"string"===typeof b)b=H(b),""===f[f.length-1]?f[f.length-1]=b:f.push(b)}else b?f[a]=H(b):f.splice(a,1);h&&f.unshift("");return this.path(f.join(e),c)};g.segmentCoded=function(a,b,c){var e;"number"!==typeof a&&(c=b,b=a,a=void 0);if(void 0===b){a=this.segment(a,b,c);if(v(a)){var f=0;for(e=a.length;f<e;f++)a[f]=d.decode(a[f])}else a=void 0!==a?d.decode(a):void 0;return a}if(v(b))for(f=0,e=b.length;f<e;f++)b[f]=d.encode(b[f]);else b="string"===typeof b||b instanceof
 String?d.encode(b):b;return this.segment(a,b,c)};var C=g.query;g.query=function(a,b){if(!0===a)return d.parseQuery(this._parts.query,this._parts.escapeQuerySpace);if("function"===typeof a){var c=d.parseQuery(this._parts.query,this._parts.escapeQuerySpace),e=a.call(this,c);this._parts.query=d.buildQuery(e||c,this._parts.duplicateQueryParameters,this._parts.escapeQuerySpace);this.build(!b);return this}return void 0!==a&&"string"!==typeof a?(this._parts.query=d.buildQuery(a,this._parts.duplicateQueryParameters,
 this._parts.escapeQuerySpace),this.build(!b),this):C.call(this,a,b)};g.setQuery=function(a,b,c){var e=d.parseQuery(this._parts.query,this._parts.escapeQuerySpace);if("string"===typeof a||a instanceof String)e[a]=void 0!==b?b:null;else if("object"===typeof a)for(var f in a)B.call(a,f)&&(e[f]=a[f]);else throw new TypeError("URI.addQuery() accepts an object, string as the name parameter");this._parts.query=d.buildQuery(e,this._parts.duplicateQueryParameters,this._parts.escapeQuerySpace);"string"!==typeof a&&
 (c=b);this.build(!c);return this};g.addQuery=function(a,b,c){var e=d.parseQuery(this._parts.query,this._parts.escapeQuerySpace);d.addQuery(e,a,void 0===b?null:b);this._parts.query=d.buildQuery(e,this._parts.duplicateQueryParameters,this._parts.escapeQuerySpace);"string"!==typeof a&&(c=b);this.build(!c);return this};g.removeQuery=function(a,b,c){var e=d.parseQuery(this._parts.query,this._parts.escapeQuerySpace);d.removeQuery(e,a,b);this._parts.query=d.buildQuery(e,this._parts.duplicateQueryParameters,
 this._parts.escapeQuerySpace);"string"!==typeof a&&(c=b);this.build(!c);return this};g.hasQuery=function(a,b,c){var e=d.parseQuery(this._parts.query,this._parts.escapeQuerySpace);return d.hasQuery(e,a,b,c)};g.setSearch=g.setQuery;g.addSearch=g.addQuery;g.removeSearch=g.removeQuery;g.hasSearch=g.hasQuery;g.normalize=function(){return this._parts.urn?this.normalizeProtocol(!1).normalizePath(!1).normalizeQuery(!1).normalizeFragment(!1).build():this.normalizeProtocol(!1).normalizeHostname(!1).normalizePort(!1).normalizePath(!1).normalizeQuery(!1).normalizeFragment(!1).build()};
 g.normalizeProtocol=function(a){"string"===typeof this._parts.protocol&&(this._parts.protocol=this._parts.protocol.toLowerCase(),this.build(!a));return this};g.normalizeHostname=function(a){this._parts.hostname&&(this.is("IDN")&&t?this._parts.hostname=t.toASCII(this._parts.hostname):this.is("IPv6")&&w&&(this._parts.hostname=w.best(this._parts.hostname)),this._parts.hostname=this._parts.hostname.toLowerCase(),this.build(!a));return this};g.normalizePort=function(a){"string"===typeof this._parts.protocol&&
 this._parts.port===d.defaultPorts[this._parts.protocol]&&(this._parts.port=null,this.build(!a));return this};g.normalizePath=function(a){var b=this._parts.path;if(!b)return this;if(this._parts.urn)return this._parts.path=d.recodeUrnPath(this._parts.path),this.build(!a),this;if("/"===this._parts.path)return this;b=d.recodePath(b);var c="";if("/"!==b.charAt(0)){var e=!0;b="/"+b}if("/.."===b.slice(-3)||"/."===b.slice(-2))b+="/";b=b.replace(/(\/(\.\/)+)|(\/\.$)/g,"/").replace(/\/{2,}/g,"/");e&&(c=b.substring(1).match(/^(\.\.\/)+/)||
 "")&&(c=c[0]);for(;;){var f=b.search(/\/\.\.(\/|$)/);if(-1===f)break;else if(0===f){b=b.substring(3);continue}var h=b.substring(0,f).lastIndexOf("/");-1===h&&(h=f);b=b.substring(0,h)+b.substring(f+3)}e&&this.is("relative")&&(b=c+b.substring(1));this._parts.path=b;this.build(!a);return this};g.normalizePathname=g.normalizePath;g.normalizeQuery=function(a){"string"===typeof this._parts.query&&(this._parts.query.length?this.query(d.parseQuery(this._parts.query,this._parts.escapeQuerySpace)):this._parts.query=
 null,this.build(!a));return this};g.normalizeFragment=function(a){this._parts.fragment||(this._parts.fragment=null,this.build(!a));return this};g.normalizeSearch=g.normalizeQuery;g.normalizeHash=g.normalizeFragment;g.iso8859=function(){var a=d.encode,b=d.decode;d.encode=escape;d.decode=decodeURIComponent;try{this.normalize()}finally{d.encode=a,d.decode=b}return this};g.unicode=function(){var a=d.encode,b=d.decode;d.encode=N;d.decode=unescape;try{this.normalize()}finally{d.encode=a,d.decode=b}return this};
 g.readable=function(){var a=this.clone();a.username("").password("").normalize();var b="";a._parts.protocol&&(b+=a._parts.protocol+"://");a._parts.hostname&&(a.is("punycode")&&t?(b+=t.toUnicode(a._parts.hostname),a._parts.port&&(b+=":"+a._parts.port)):b+=a.host());a._parts.hostname&&a._parts.path&&"/"!==a._parts.path.charAt(0)&&(b+="/");b+=a.path(!0);if(a._parts.query){for(var c="",e=0,f=a._parts.query.split("&"),h=f.length;e<h;e++){var r=(f[e]||"").split("=");c+="&"+d.decodeQuery(r[0],this._parts.escapeQuerySpace).replace(/&/g,
 "%26");void 0!==r[1]&&(c+="="+d.decodeQuery(r[1],this._parts.escapeQuerySpace).replace(/&/g,"%26"))}b+="?"+c.substring(1)}return b+=d.decodeQuery(a.hash(),!0)};g.absoluteTo=function(a){var b=this.clone(),c=["protocol","username","password","hostname","port"],e,f;if(this._parts.urn)throw Error("URNs do not have any generally defined hierarchical components");a instanceof d||(a=new d(a));if(b._parts.protocol)return b;b._parts.protocol=a._parts.protocol;if(this._parts.hostname)return b;for(e=0;f=c[e];e++)b._parts[f]=
 a._parts[f];b._parts.path?(".."===b._parts.path.substring(-2)&&(b._parts.path+="/"),"/"!==b.path().charAt(0)&&(c=(c=a.directory())?c:0===a.path().indexOf("/")?"/":"",b._parts.path=(c?c+"/":"")+b._parts.path,b.normalizePath())):(b._parts.path=a._parts.path,b._parts.query||(b._parts.query=a._parts.query));b.build();return b};g.relativeTo=function(a){var b=this.clone().normalize();if(b._parts.urn)throw Error("URNs do not have any generally defined hierarchical components");a=(new d(a)).normalize();var c=
 b._parts;var e=a._parts;var f=b.path();a=a.path();if("/"!==f.charAt(0))throw Error("URI is already relative");if("/"!==a.charAt(0))throw Error("Cannot calculate a URI relative to another relative URI");c.protocol===e.protocol&&(c.protocol=null);if(c.username===e.username&&c.password===e.password&&null===c.protocol&&null===c.username&&null===c.password&&c.hostname===e.hostname&&c.port===e.port)c.hostname=null,c.port=null;else return b.build();if(f===a)return c.path="",b.build();f=d.commonPath(f,a);
 if(!f)return b.build();e=e.path.substring(f.length).replace(/[^\/]*$/,"").replace(/.*?\//g,"../");c.path=e+c.path.substring(f.length)||"./";return b.build()};g.equals=function(a){var b=this.clone(),c=new d(a);a={};var e;b.normalize();c.normalize();if(b.toString()===c.toString())return!0;var f=b.query();var h=c.query();b.query("");c.query("");if(b.toString()!==c.toString()||f.length!==h.length)return!1;b=d.parseQuery(f,this._parts.escapeQuerySpace);h=d.parseQuery(h,this._parts.escapeQuerySpace);for(e in b)if(B.call(b,
 e)){if(!v(b[e])){if(b[e]!==h[e])return!1}else if(!M(b[e],h[e]))return!1;a[e]=!0}for(e in h)if(B.call(h,e)&&!a[e])return!1;return!0};g.preventInvalidHostname=function(a){this._parts.preventInvalidHostname=!!a;return this};g.duplicateQueryParameters=function(a){this._parts.duplicateQueryParameters=!!a;return this};g.escapeQuerySpace=function(a){this._parts.escapeQuerySpace=!!a;return this};return d});
--- a/app/public/static/markdowntextarea.js
+++ b/app/public/static/markdowntextarea.js
@ -1,6 +1,3 @@
 // @author rubenwardy
 // @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
 $("textarea.markdown").each(function() {
 	async function render(plainText, preview) {
 		const response = await fetch(new Request("/api/markdown/", {
@ -17,53 +14,10 @@ $("textarea.markdown").each(function() {
 	let timeout_id = null;
-	function urlInserter(url) {
+	new EasyMDE({
 		return (editor) => {
 			var cm = editor.codemirror;
 			var stat = getState(cm);
 			var options = editor.options;
 			_replaceSelection(cm, stat.table, `[](${url})`);
 		};
 	}
 	this.easy_mde = new EasyMDE({
 		element: this,
 		hideIcons: ["image"],
 		showIcons: ["code", "table"],
 		forceSync: true,
 		toolbar: [
 			"bold",
 			"italic",
 			"heading",
 			"|",
 			"code",
 			"quote",
 			"unordered-list",
 			"ordered-list",
 			"|",
 			"link",
 			"table",
 			"|",
 			"preview",
 			"side-by-side",
 			"fullscreen",
 			"|",
 			"guide",
 //			{
 //				name: "rules",
 //				className: "fa fa-book",
 //				title: "others buttons",
 //				children: [
 //					{
 //						name: "rules",
 //						action: urlInserter("/policy_and_guidance/#2-accepted-content"),
 //						className: "fa fa-star",
 //						title: "2. Accepted content",
 //						text: "2. Accepted content",
 //					},
 //				]
 //			},
 		],
 		previewRender: (plainText, preview) => {
 			if (timeout_id) {
 				clearTimeout(timeout_id);
--- a/app/public/static/package_create.js
+++ b/app/public/static/package_create.js
@ -25,14 +25,6 @@ $(function() {
 					const ele = $(id);
 					ele.val(value);
 					ele.trigger("change");
 					// EasyMDE doesn't always refresh the codemirror correctly
 					if (ele[0].easy_mde) {
 						setTimeout(() => {
 							ele[0].easy_mde.value(value);
 							ele[0].easy_mde.codemirror.refresh()
 						}, 100);
 					}
 				}
 			}
@ -41,9 +33,12 @@ $(function() {
 				setField("#title", result.title);
 				setField("#repo", result.repo || repoURL);
 				setField("#issueTracker", result.issueTracker);
-				setField("#desc", result.desc);
+				setField("#desc", result.description);
-				setField("#short_desc", result.short_desc);
+				setField("#short_desc", result.short_description);
-				setField("#forums", result.forums);
+				// setField("#harddep_str", result.depends);
 				// setField("#softdep_str", result.optional_depends);
 				setField("#short_desc", result.short_description);
 				setField("#forums", result.forumId);
 				if (result.type && result.type.length > 2) {
 					$("#type").val(result.type);
 				}
--- a/app/public/static/placeholder.png
+++ b/app/public/static/placeholder.png
--- a/Show More
+++ b/Show More