diff --git a/models/perm/access/repo_permission.go b/models/perm/access/repo_permission.go
index ba7544f3436f2..034557db33a8d 100644
--- a/models/perm/access/repo_permission.go
+++ b/models/perm/access/repo_permission.go
@@ -276,6 +276,7 @@ func GetActionsUserRepoPermission(ctx context.Context, repo *repo_model.Reposito
 			// The task repo can access the current repo only if the task repo is private and
 			// the owner of the task repo is a collaborative owner of the current repo.
 			// FIXME allow public repo read access if tokenless pull is enabled
+			// FIXME should owner's visibility also be considered here?
 			return perm, nil
 		}
 		accessMode = perm_model.AccessModeRead
diff --git a/routers/api/v1/repo/branch.go b/routers/api/v1/repo/branch.go
index a703ca6909516..a337ed7938867 100644
--- a/routers/api/v1/repo/branch.go
+++ b/routers/api/v1/repo/branch.go
@@ -243,7 +243,7 @@ func CreateBranch(ctx *context.APIContext) {
 		}
 	}
 
-	err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.GitRepo, oldCommit.ID.String(), opt.BranchName)
+	err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, oldCommit.ID.String(), opt.BranchName)
 	if err != nil {
 		if git_model.IsErrBranchNotExist(err) {
 			ctx.APIError(http.StatusNotFound, "The old branch does not exist")
@@ -434,7 +434,7 @@ func RenameBranch(ctx *context.APIContext) {
 		return
 	}
 
-	msg, err := repo_service.RenameBranch(ctx, repo, ctx.Doer, ctx.Repo.GitRepo, oldName, opt.Name)
+	msg, err := repo_service.RenameBranch(ctx, repo, ctx.Doer, oldName, opt.Name)
 	if err != nil {
 		switch {
 		case repo_model.IsErrUserDoesNotHaveAccessToRepo(err):
diff --git a/routers/web/repo/branch.go b/routers/web/repo/branch.go
index 96d1d87836287..f21f5682318a6 100644
--- a/routers/web/repo/branch.go
+++ b/routers/web/repo/branch.go
@@ -194,9 +194,9 @@ func CreateBranch(ctx *context.Context) {
 		}
 		err = release_service.CreateNewTag(ctx, ctx.Doer, ctx.Repo.Repository, target, form.NewBranchName, "")
 	} else if ctx.Repo.RefFullName.IsBranch() {
-		err = repo_service.CreateNewBranch(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.GitRepo, ctx.Repo.BranchName, form.NewBranchName)
+		err = repo_service.CreateNewBranch(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.BranchName, form.NewBranchName)
 	} else {
-		err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.GitRepo, ctx.Repo.CommitID, form.NewBranchName)
+		err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.CommitID, form.NewBranchName)
 	}
 	if err != nil {
 		if release_service.IsErrProtectedTagName(err) {
diff --git a/routers/web/repo/setting/protected_branch.go b/routers/web/repo/setting/protected_branch.go
index 152f67550cc6c..c7bde087a2d99 100644
--- a/routers/web/repo/setting/protected_branch.go
+++ b/routers/web/repo/setting/protected_branch.go
@@ -337,7 +337,7 @@ func RenameBranchPost(ctx *context.Context) {
 		return
 	}
 
-	msg, err := repository.RenameBranch(ctx, ctx.Repo.Repository, ctx.Doer, ctx.Repo.GitRepo, form.From, form.To)
+	msg, err := repository.RenameBranch(ctx, ctx.Repo.Repository, ctx.Doer, form.From, form.To)
 	if err != nil {
 		switch {
 		case repo_model.IsErrUserDoesNotHaveAccessToRepo(err):
diff --git a/routers/web/repo/setting/setting.go b/routers/web/repo/setting/setting.go
index 0b0c990ae0d1c..60eb35f56d154 100644
--- a/routers/web/repo/setting/setting.go
+++ b/routers/web/repo/setting/setting.go
@@ -207,11 +207,6 @@ func handleSettingsPostUpdate(ctx *context.Context) {
 	repo.Website = form.Website
 	repo.IsTemplate = form.Template
 
-	// Visibility of forked repository is forced sync with base repository.
-	if repo.IsFork {
-		form.Private = repo.BaseRepo.IsPrivate || repo.BaseRepo.Owner.Visibility == structs.VisibleTypePrivate
-	}
-
 	if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
 		ctx.ServerError("UpdateRepository", err)
 		return
diff --git a/services/forms/repo_form.go b/services/forms/repo_form.go
index 67f24c4cbe0f7..6820521ba3de2 100644
--- a/services/forms/repo_form.go
+++ b/services/forms/repo_form.go
@@ -104,7 +104,6 @@ type RepoSettingForm struct {
 	PushMirrorPassword     string
 	PushMirrorSyncOnCommit bool
 	PushMirrorInterval     string
-	Private                bool
 	Template               bool
 	EnablePrune            bool
 
@@ -148,10 +147,6 @@ type RepoSettingForm struct {
 	AllowOnlyContributorsToTrackTime bool
 	EnableIssueDependencies          bool
 
-	EnableActions bool
-
-	IsArchived bool
-
 	// Signing Settings
 	TrustModel string
 
diff --git a/services/repository/branch.go b/services/repository/branch.go
index 57eefbb741534..0a2fd30620d22 100644
--- a/services/repository/branch.go
+++ b/services/repository/branch.go
@@ -38,13 +38,13 @@ import (
 )
 
 // CreateNewBranch creates a new repository branch
-func CreateNewBranch(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, gitRepo *git.Repository, oldBranchName, branchName string) (err error) {
+func CreateNewBranch(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, oldBranchName, branchName string) (err error) {
 	branch, err := git_model.GetBranch(ctx, repo.ID, oldBranchName)
 	if err != nil {
 		return err
 	}
 
-	return CreateNewBranchFromCommit(ctx, doer, repo, gitRepo, branch.CommitID, branchName)
+	return CreateNewBranchFromCommit(ctx, doer, repo, branch.CommitID, branchName)
 }
 
 // Branch contains the branch information
@@ -374,7 +374,7 @@ func SyncBranchesToDB(ctx context.Context, repoID, pusherID int64, branchNames,
 }
 
 // CreateNewBranchFromCommit creates a new repository branch
-func CreateNewBranchFromCommit(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, gitRepo *git.Repository, commitID, branchName string) (err error) {
+func CreateNewBranchFromCommit(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, commitID, branchName string) (err error) {
 	err = repo.MustNotBeArchived()
 	if err != nil {
 		return err
@@ -399,7 +399,7 @@ func CreateNewBranchFromCommit(ctx context.Context, doer *user_model.User, repo
 }
 
 // RenameBranch rename a branch
-func RenameBranch(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, gitRepo *git.Repository, from, to string) (string, error) {
+func RenameBranch(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, from, to string) (string, error) {
 	err := repo.MustNotBeArchived()
 	if err != nil {
 		return "", err
@@ -413,8 +413,12 @@ func RenameBranch(ctx context.Context, repo *repo_model.Repository, doer *user_m
 		return "target_exist", nil
 	}
 
-	if exist, _ := git_model.IsBranchExist(ctx, repo.ID, from); !exist {
-		return "from_not_exist", nil
+	fromBranch, err := git_model.GetBranch(ctx, repo.ID, from)
+	if err != nil {
+		if git_model.IsErrBranchNotExist(err) {
+			return "from_not_exist", nil
+		}
+		return "", err
 	}
 
 	perm, err := access_model.GetUserRepoPermission(ctx, repo, doer)
@@ -472,14 +476,9 @@ func RenameBranch(ctx context.Context, repo *repo_model.Repository, doer *user_m
 	}); err != nil {
 		return "", err
 	}
-	refNameTo := git.RefNameFromBranch(to)
-	refID, err := gitRepo.GetRefCommitID(refNameTo.String())
-	if err != nil {
-		return "", err
-	}
 
 	notify_service.DeleteRef(ctx, doer, repo, git.RefNameFromBranch(from))
-	notify_service.CreateRef(ctx, doer, repo, refNameTo, refID)
+	notify_service.CreateRef(ctx, doer, repo, git.RefNameFromBranch(to), fromBranch.CommitID)
 
 	return "", nil
 }
diff --git a/templates/admin/notice.tmpl b/templates/admin/notice.tmpl
index a4c9dc53fb160..6231369d39f6d 100644
--- a/templates/admin/notice.tmpl
+++ b/templates/admin/notice.tmpl
@@ -37,7 +37,7 @@
 									{{.CsrfTokenHtml}}
 									<button type="submit" class="ui red small button">{{ctx.Locale.Tr "admin.notices.delete_all"}}</button>
 								</form>
-								<div class="ui floating upward dropdown small button">{{/* TODO: Make this dropdown accessible */}}
+								<div class="ui floating upward dropdown small button">
 									<span class="text">{{ctx.Locale.Tr "admin.notices.operations"}}</span>
 									<div class="menu">
 										<div class="item select action" data-action="select-all">
diff --git a/templates/projects/new.tmpl b/templates/projects/new.tmpl
index f2630be09b720..e1d9219170de2 100644
--- a/templates/projects/new.tmpl
+++ b/templates/projects/new.tmpl
@@ -18,7 +18,7 @@
 		</div>
 		<div class="field">
 			<label>{{ctx.Locale.Tr "repo.projects.description"}}</label>
-			{{/* TODO: repo-level project and org-level project have different behaviros to render */}}
+			{{/* TODO: repo-level project and org-level project have different behaviors to render */}}
 			{{/* the "Repository" is nil when the project is org-level */}}
 			{{template "shared/combomarkdowneditor" (dict
 				"MarkdownPreviewInRepo" $.Repository
diff --git a/templates/repo/issue/branch_selector_field.tmpl b/templates/repo/issue/branch_selector_field.tmpl
index c8b67490ac8b7..dc77755349c95 100644
--- a/templates/repo/issue/branch_selector_field.tmpl
+++ b/templates/repo/issue/branch_selector_field.tmpl
@@ -2,7 +2,8 @@
 PR: https://github.com/go-gitea/gitea/pull/32744
 
 The Issue.Ref was added by Add possibility to record branch or tag information in an issue (#780)
-After 8 years, this "branch selector" does nothing more than saving the branch/tag name into database and displays it.
+After 8 years, this "branch selector" does nothing more than saving the branch/tag name into database and displays it,
+or sometimes auto-close a ref-matched issue by a commit message when CloseIssuesViaCommitInAnyBranch=false.
 
 There are still users using it:
 * @didim99: it is a really useful feature to specify a branch in which issue found.
diff --git a/templates/repo/settings/actions_general.tmpl b/templates/repo/settings/actions_general.tmpl
index 96d854ca8d2b0..06b7c8bad5025 100644
--- a/templates/repo/settings/actions_general.tmpl
+++ b/templates/repo/settings/actions_general.tmpl
@@ -10,7 +10,7 @@
 			<div class="inline field">
 				<label>{{ctx.Locale.Tr "actions.actions"}}</label>
 				<div class="ui checkbox{{if $isActionsGlobalDisabled}} disabled{{end}}"{{if $isActionsGlobalDisabled}} data-tooltip-content="{{ctx.Locale.Tr "repo.unit_disabled"}}"{{end}}>
-					<input class="enable-system" name="enable_actions" type="checkbox" {{if $isActionsGlobalDisabled}}disabled{{end}} {{if $isActionsEnabled}}checked{{end}}>
+					<input name="enable_actions" type="checkbox" {{if $isActionsGlobalDisabled}}disabled{{end}} {{if $isActionsEnabled}}checked{{end}}>
 					<label>{{ctx.Locale.Tr "repo.settings.actions_desc"}}</label>
 				</div>
 			</div>
@@ -23,7 +23,7 @@
 		</form>
 	</div>
 
-	{{if and .EnableActions (.Permission.CanRead ctx.Consts.RepoUnitTypeActions)}}
+{{if and .EnableActions (.Permission.CanRead ctx.Consts.RepoUnitTypeActions)}}
 	{{if .Repository.IsPrivate}}
 	<h4 class="ui top attached header">
 		{{ctx.Locale.Tr "actions.general.collaborative_owners_management"}}
@@ -65,5 +65,5 @@
 		{{ctx.Locale.Tr "actions.general.collaborative_owners_management_help"}}
 	</div>
 	{{end}}
-	{{end}}
+{{end}}
 </div>
diff --git a/tests/integration/actions_trigger_test.go b/tests/integration/actions_trigger_test.go
index 3edb6017b4047..d5486b6a392fb 100644
--- a/tests/integration/actions_trigger_test.go
+++ b/tests/integration/actions_trigger_test.go
@@ -23,7 +23,6 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	actions_module "code.gitea.io/gitea/modules/actions"
 	"code.gitea.io/gitea/modules/commitstatus"
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/setting"
@@ -412,7 +411,7 @@ jobs:
 		assert.NoError(t, err)
 
 		// create a branch
-		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, gitRepo, branch.CommitID, "test-create-branch")
+		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, branch.CommitID, "test-create-branch")
 		assert.NoError(t, err)
 		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
 			Title:      "add workflow",
@@ -530,9 +529,7 @@ jobs:
 
 		// create a new branch
 		testBranch := "test-branch"
-		gitRepo, err := git.OpenRepository(t.Context(), ".")
-		assert.NoError(t, err)
-		err = repo_service.CreateNewBranch(t.Context(), user2, repo, gitRepo, "main", testBranch)
+		err = repo_service.CreateNewBranch(t.Context(), user2, repo, "main", testBranch)
 		assert.NoError(t, err)
 
 		// create Pull
@@ -1507,14 +1504,11 @@ jobs:
 		assert.NotEmpty(t, addWorkflowToBaseResp)
 
 		// Get the commit ID of the default branch
-		gitRepo, err := gitrepo.OpenRepository(t.Context(), repo)
-		assert.NoError(t, err)
-		defer gitRepo.Close()
 		branch, err := git_model.GetBranch(t.Context(), repo.ID, repo.DefaultBranch)
 		assert.NoError(t, err)
 
 		// create a branch
-		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, gitRepo, branch.CommitID, "test-action-run-name-with-variables")
+		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, branch.CommitID, "test-action-run-name-with-variables")
 		assert.NoError(t, err)
 		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
 			Title:      user2.LoginName + " is running this workflow",
@@ -1584,14 +1578,11 @@ jobs:
 		assert.NotEmpty(t, addWorkflowToBaseResp)
 
 		// Get the commit ID of the default branch
-		gitRepo, err := gitrepo.OpenRepository(t.Context(), repo)
-		assert.NoError(t, err)
-		defer gitRepo.Close()
 		branch, err := git_model.GetBranch(t.Context(), repo.ID, repo.DefaultBranch)
 		assert.NoError(t, err)
 
 		// create a branch
-		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, gitRepo, branch.CommitID, "test-action-run-name")
+		err = repo_service.CreateNewBranchFromCommit(t.Context(), user2, repo, branch.CommitID, "test-action-run-name")
 		assert.NoError(t, err)
 		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
 			Title:      "run name without variables",
diff --git a/tests/integration/api_repo_get_contents_list_test.go b/tests/integration/api_repo_get_contents_list_test.go
index 5a53b0eca9ed2..4984559f0c603 100644
--- a/tests/integration/api_repo_get_contents_list_test.go
+++ b/tests/integration/api_repo_get_contents_list_test.go
@@ -80,7 +80,7 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 
 	// Make a new branch in repo1
 	newBranch := "test_branch"
-	err = repo_service.CreateNewBranch(t.Context(), user2, repo1, gitRepo, repo1.DefaultBranch, newBranch)
+	err = repo_service.CreateNewBranch(t.Context(), user2, repo1, repo1.DefaultBranch, newBranch)
 	assert.NoError(t, err)
 
 	commitID, _ := gitRepo.GetBranchCommitID(repo1.DefaultBranch)
diff --git a/tests/integration/api_repo_get_contents_test.go b/tests/integration/api_repo_get_contents_test.go
index 3e863eed6ff7e..6225c96bc6d9b 100644
--- a/tests/integration/api_repo_get_contents_test.go
+++ b/tests/integration/api_repo_get_contents_test.go
@@ -85,7 +85,7 @@ func testAPIGetContents(t *testing.T, u *url.URL) {
 
 	// Make a new branch in repo1
 	newBranch := "test_branch"
-	err = repo_service.CreateNewBranch(t.Context(), user2, repo1, gitRepo, repo1.DefaultBranch, newBranch)
+	err = repo_service.CreateNewBranch(t.Context(), user2, repo1, repo1.DefaultBranch, newBranch)
 	require.NoError(t, err)
 
 	commitID, err := gitRepo.GetBranchCommitID(repo1.DefaultBranch)