Compare commits

..

267 Commits

Author SHA1 Message Date
jmiller 71e89f5704 chore: remove stale .mokogitea config dir (MokoGIT migration) 2026-07-16 10:37:12 -05:00
jmiller e6898a876b fix(repo): make system-repo name normalization case-sensitive
Universal: Auto Version Bump / Version Bump (push) Successful in 20s
Generic: Project CI / Lint & Validate (pull_request) Successful in 47s
Universal: PR Check / Branch Policy (pull_request) Successful in 4s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 2m1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 2m7s
Universal: PR Check / Validate PR (pull_request) Successful in 24s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m7s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 2m9s
Deploy (RC) / Build & Deploy to RC (push) Successful in 6m50s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 7s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 7s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 7s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 9s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 8s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 9s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 9s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 1m3s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 12s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 21s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 9s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 1m22s
Generic: Project CI / Tests (pull_request) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 1m16s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 1m17s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 8s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 11s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 9s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 1m1s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 2m5s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 13s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 1m12s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 11s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 10s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 10s
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 1m11s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 1m6s
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 14s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
EqualFold matched the product name "MokoGIT" against reserved "mokogit",
normalizing it to ".MokoGIT" and colliding with the .mokogit org repo
(blocked renaming the fork to MokoGIT). Only exact lowercase bare names
should normalize.
2026-07-15 15:20:42 +00:00
jmiller 4885f3c123 chore: drop orphaned .mokogit/workflows dupes from main merge
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m36s
Deploy (RC) / Build & Deploy to RC (push) Successful in 6m2s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 45s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 11s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 10s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 11s
PR RC Release / Build RC Release (pull_request) Successful in 1m44s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m45s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 12s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 10s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 9s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 10s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 12s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 24s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m42s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 8s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 1m13s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 9s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 1m35s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 11s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 8s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 1m3s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 1m4s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 8s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 52s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 11s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 7s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 7s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 7s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m44s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 2m2s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 17s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 1m2s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 1m3s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
The main->rebrand merge resurrected .mokogit/workflows/ (workflows live at
.mokogitea/workflows during the cutover, per WorkflowDirs). Remove the dupes.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-15 00:37:26 -05:00
jmiller dda5e81c41 Merge remote-tracking branch 'origin/main' into feature/rebrand-mokogit 2026-07-15 00:35:17 -05:00
jmiller 402f5d9412 chore: re-trigger dev deploy for MokoGIT rebrand
Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 22:55:05 -05:00
jmiller 2d28553ed6 fix(ci): harden branch-cleanup.yml against Actions injection (sync from Template-Generic)
Generic: Standards Compliance / Secret Scanning (push) Failing after 8s
Generic: Standards Compliance / License Header Validation (push) Successful in 7s
Generic: Standards Compliance / Repository Structure Validation (push) Successful in 9s
Generic: Standards Compliance / Coding Standards Check (push) Successful in 10s
Generic: Standards Compliance / Version Consistency Check (push) Successful in 58s
Generic: Standards Compliance / Workflow Configuration Check (push) Failing after 8s
Generic: Standards Compliance / Documentation Quality Check (push) Successful in 7s
Generic: Standards Compliance / README Completeness Check (push) Failing after 6s
Generic: Standards Compliance / Git Repository Hygiene (push) Successful in 1m2s
Generic: Standards Compliance / Script Integrity Validation (push) Successful in 7s
Generic: Standards Compliance / Line Length Check (push) Successful in 15s
Generic: Standards Compliance / File Naming Standards (push) Successful in 5s
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (push) Successful in 45s
Generic: Standards Compliance / Code Duplication Detection (push) Successful in 43s
Generic: Standards Compliance / Dead Code Detection (push) Successful in 9s
Generic: Standards Compliance / File Size Limits (push) Successful in 7s
Generic: Standards Compliance / Binary File Detection (push) Successful in 1m39s
Generic: Standards Compliance / TODO/FIXME Tracking (push) Successful in 8s
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 55s
Generic: Standards Compliance / Unused Dependencies Check (push) Successful in 47s
Generic: Standards Compliance / Broken Link Detection (push) Successful in 9s
Generic: Standards Compliance / API Documentation Coverage (push) Successful in 7s
Generic: Standards Compliance / Accessibility Check (push) Successful in 7s
Generic: Standards Compliance / Performance Metrics (push) Successful in 6s
Generic: Standards Compliance / Enterprise Readiness Check (push) Successful in 50s
Generic: Standards Compliance / Repository Health Check (push) Successful in 50s
Generic: Standards Compliance / Terraform Configuration Validation (push) Successful in 19s
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Deploy (Prod) / Build & Deploy to Prod (push) Successful in 15m14s
2026-07-15 03:25:02 +00:00
jmiller b2396c636c fix(ci): harden issue-branch.yml against Actions injection (sync from Template-Generic)
Generic: Standards Compliance / Secret Scanning (push) Failing after 10s
Generic: Standards Compliance / License Header Validation (push) Successful in 10s
Generic: Standards Compliance / Repository Structure Validation (push) Successful in 9s
Generic: Standards Compliance / Coding Standards Check (push) Successful in 11s
Generic: Standards Compliance / Workflow Configuration Check (push) Failing after 8s
Generic: Standards Compliance / Documentation Quality Check (push) Successful in 8s
Generic: Standards Compliance / README Completeness Check (push) Failing after 7s
Generic: Standards Compliance / Version Consistency Check (push) Successful in 1m9s
Generic: Standards Compliance / Script Integrity Validation (push) Successful in 11s
Generic: Standards Compliance / Line Length Check (push) Successful in 25s
Generic: Standards Compliance / File Naming Standards (push) Successful in 8s
Generic: Standards Compliance / Git Repository Hygiene (push) Successful in 1m20s
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 7s
Generic: Standards Compliance / Code Complexity Analysis (push) Successful in 1m8s
Generic: Standards Compliance / Code Duplication Detection (push) Successful in 1m4s
Generic: Standards Compliance / File Size Limits (push) Successful in 6s
Generic: Standards Compliance / Dead Code Detection (push) Successful in 8s
Generic: Standards Compliance / TODO/FIXME Tracking (push) Successful in 7s
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 45s
Generic: Standards Compliance / Binary File Detection (push) Successful in 1m25s
Generic: Standards Compliance / Broken Link Detection (push) Successful in 9s
Generic: Standards Compliance / Unused Dependencies Check (push) Successful in 48s
Generic: Standards Compliance / API Documentation Coverage (push) Successful in 6s
Generic: Standards Compliance / Accessibility Check (push) Successful in 6s
Generic: Standards Compliance / Performance Metrics (push) Successful in 6s
Generic: Standards Compliance / Enterprise Readiness Check (push) Successful in 54s
Generic: Standards Compliance / Repository Health Check (push) Successful in 1m2s
Generic: Standards Compliance / Terraform Configuration Validation (push) Successful in 13s
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Deploy (Prod) / Build & Deploy to Prod (push) Failing after 21m19s
2026-07-15 03:24:56 +00:00
jmiller d869e24fb8 feat(repo): enforce leading dot on reserved system repos (.mokogit/.mokogit-private)
Universal: Auto Version Bump / Version Bump (push) Successful in 21s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Project CI / Lint & Validate (pull_request) Successful in 31s
Universal: PR Check / Validate PR (pull_request) Successful in 10s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m22s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
- NormalizeSystemRepoName: bare reserved names (mokogit, mokogit-private)
  are auto-normalized to their dotted form (.mokogit, .mokogit-private),
  so the org profile/wiki repos are always created as private system repos.
  Applied on repo create and rename.
- ChangeRepositoryName now refuses to rename any dot-prefixed system repo to
  a name without a leading dot (which would strip its system-repo/private
  status).

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 22:06:38 -05:00
jmiller 49b52ff76a fix(org-wiki): remove duplicated nav + fix intra-wiki links (reconcile from main #789)
Universal: Auto Version Bump / Version Bump (push) Successful in 21s
Generic: Project CI / Lint & Validate (pull_request) Successful in 34s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m26s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Re-apply the two org-wiki fixes onto the rebrand branch so the MokoGIT
cutover deploy does not regress them:
- drop the duplicate org/menu (org/header already renders it)
- rewrite intra-wiki links to /{owner}/-/wiki/ (relative + absolute,
  nested pages), hiding the wiki repo name; reword empty-state.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:57:09 -05:00
jmiller c8069f3d3f Merge pull request 'fix(org): restore profile/wiki lookup to renamed .mokogit repos' (#790) from rc into main
Generic: Standards Compliance / Secret Scanning (push) Failing after 8s
Generic: Standards Compliance / License Header Validation (push) Successful in 7s
Generic: Standards Compliance / Repository Structure Validation (push) Successful in 8s
Generic: Standards Compliance / Coding Standards Check (push) Successful in 10s
Generic: Standards Compliance / Version Consistency Check (push) Successful in 1m11s
Generic: Standards Compliance / Workflow Configuration Check (push) Failing after 10s
Generic: Standards Compliance / Documentation Quality Check (push) Successful in 11s
Generic: Standards Compliance / README Completeness Check (push) Failing after 12s
Generic: Standards Compliance / Script Integrity Validation (push) Has been cancelled
Generic: Standards Compliance / Line Length Check (push) Has been cancelled
Generic: Standards Compliance / File Naming Standards (push) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (push) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (push) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (push) Has been cancelled
Generic: Standards Compliance / File Size Limits (push) Has been cancelled
Generic: Standards Compliance / Binary File Detection (push) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (push) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (push) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (push) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (push) Has been cancelled
Generic: Standards Compliance / Accessibility Check (push) Has been cancelled
Generic: Standards Compliance / Performance Metrics (push) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (push) Has been cancelled
Generic: Standards Compliance / Repository Health Check (push) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (push) Has been cancelled
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (push) Successful in 2m8s
Deploy (Prod) / Build & Deploy to Prod (push) Successful in 5m22s
2026-07-15 02:51:51 +00:00
jmiller 8a4b479129 fix(org): point profile/wiki repo lookup at renamed .mokogit repos
Universal: Auto Version Bump / Version Bump (push) Successful in 17s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m39s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m42s
Deploy (RC) / Build & Deploy to RC (push) Successful in 6m4s
Generic: Project CI / Lint & Validate (pull_request) Successful in 34s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 10s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 9s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 8s
PR RC Release / Build RC Release (pull_request) Successful in 1m18s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 9s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 11s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m16s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 7s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 7s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 8s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 8s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 20s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 8s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 59s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 7s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 1m10s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 9s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 56s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 51s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 6s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 53s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 49s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 6s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 9s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 6s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 5s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m37s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 11s
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 55s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 53s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
The org .mokogitea/.mokogitea-private repos were renamed to .mokogit/
.mokogit-private, but the constants still pointed at the old names, so the
org profile + wiki lookup returned nil (empty wiki). Update the 4
RepoName* constants to match. Interim rebrand step.
2026-07-15 02:51:01 +00:00
jmiller 8a995787f1 style: gofmt actions.go workflow-dirs comment
Universal: Auto Version Bump / Version Bump (push) Successful in 25s
Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:34:20 -05:00
jmiller 1c99183527 chore(rebrand): keep workflows at .mokogitea/workflows for cutover deploy discovery
The currently-deployed (old) binary only discovers .mokogitea/workflows, so
the rebrand's deploy workflows must live there to run during the cutover.
Moved .mokogit/workflows -> .mokogitea/workflows and reverted the WorkflowDirs
default + path refs. Everything else stays .mokogit. TODO: switch back to
.mokogit/workflows once the MokoGIT image is live.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:34:04 -05:00
jmiller 1741d5e863 Merge pull request 'fix: prod hotfixes - metadata Organization field + org wiki nav/links' (#789) from rc into main
Generic: Standards Compliance / Secret Scanning (push) Failing after 9s
Generic: Standards Compliance / License Header Validation (push) Successful in 9s
Generic: Standards Compliance / Repository Structure Validation (push) Successful in 8s
Generic: Standards Compliance / Coding Standards Check (push) Successful in 11s
Generic: Standards Compliance / Version Consistency Check (push) Successful in 1m28s
Generic: Standards Compliance / Workflow Configuration Check (push) Failing after 14s
Generic: Standards Compliance / Documentation Quality Check (push) Successful in 12s
Generic: Standards Compliance / README Completeness Check (push) Failing after 10s
Generic: Standards Compliance / Git Repository Hygiene (push) Successful in 2m2s
Generic: Standards Compliance / Script Integrity Validation (push) Successful in 19s
Generic: Standards Compliance / Line Length Check (push) Successful in 23s
Generic: Standards Compliance / File Naming Standards (push) Successful in 29s
Deploy (Prod) / Build & Deploy to Prod (push) Successful in 6m2s
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 11s
Generic: Standards Compliance / Dead Code Detection (push) Successful in 10s
Generic: Standards Compliance / File Size Limits (push) Successful in 7s
Generic: Standards Compliance / Code Complexity Analysis (push) Successful in 54s
Generic: Standards Compliance / Code Duplication Detection (push) Successful in 55s
Generic: Standards Compliance / TODO/FIXME Tracking (push) Successful in 7s
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 56s
Generic: Standards Compliance / Unused Dependencies Check (push) Successful in 52s
Generic: Standards Compliance / API Documentation Coverage (push) Successful in 8s
Generic: Standards Compliance / Broken Link Detection (push) Successful in 11s
Generic: Standards Compliance / Binary File Detection (push) Successful in 1m38s
Generic: Standards Compliance / Accessibility Check (push) Successful in 6s
Generic: Standards Compliance / Performance Metrics (push) Successful in 6s
Generic: Standards Compliance / Terraform Configuration Validation (push) Successful in 19s
Generic: Standards Compliance / Enterprise Readiness Check (push) Successful in 53s
Generic: Standards Compliance / Repository Health Check (push) Successful in 59s
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-07-15 02:25:35 +00:00
jmiller 3377e6895f fix(metadata): remove redundant Organization field from repo metadata page
Universal: Auto Version Bump / Version Bump (push) Successful in 19s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m43s
PR RC Release / Build RC Release (pull_request) Successful in 1m41s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m50s
Universal: PR Check / Validate PR (pull_request) Successful in 15s
Deploy (RC) / Build & Deploy to RC (push) Successful in 6m0s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 10s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 9s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m42s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 8s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 10s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 8s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 10s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 9s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 12s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 22s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 9s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 1m7s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 1m31s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 12s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 7s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 1m4s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 8s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 1m12s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 1m5s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 1m7s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 11s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 6s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 7s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 6s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m54s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 15s
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 58s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 58s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
The Organization value is derived from the org profile (repo owner) and
was shown as a read-only field; it added no value, so remove it entirely
from the settings page. The DerivedOrgName model method stays (API still
derives org on read). See #771.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:10:27 -05:00
jmiller 31c58d34f1 fix(org-wiki): also rewrite absolute-form intra-wiki links
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m26s
Match an optional https://host prefix so wiki links rendered as absolute
URLs (not just root-relative) are rewritten to the /-/wiki/ route too.
Covers nested pages like standards/Wiki-Structure.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:06:52 -05:00
jmiller d73a40b734 fix(org-wiki): remove duplicated nav menu, fix intra-wiki links
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 48s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 13s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 12s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 10s
PR RC Release / Build RC Release (pull_request) Successful in 1m51s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 12s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m41s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 9s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 9s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 8s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 10s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 22s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 9s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 1m10s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 9s
Universal: Auto Version Bump / Version Bump (push) Successful in 16s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 1m26s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 10s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 7s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 1m7s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 1m4s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 8s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m14s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 1m4s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 1m3s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 12s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 9s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 9s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 8s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 2m0s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 14s
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 54s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 54s
Deploy (RC) / Build & Deploy to RC (push) Failing after 1m27s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
- view.tmpl rendered both org/header (which already includes org/menu)
  and org/menu -> the org navigation bar showed twice. Drop the redundant
  org/menu include to match every other org page.
- Wiki content was rendered with a RepoFile context, so intra-wiki links
  pointed at /{owner}/{repo}/src/branch/main/PATH (repo file browser,
  missing .md -> 404). Rewrite rendered links (content/sidebar/footer) to
  /{owner}/-/wiki/PATH, which also hides the underlying wiki repo name.
- Reword empty-state hint to public / members-only wording.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 21:03:40 -05:00
jmiller 81b3c7bc42 fix(metadata): remove redundant Organization field from repo metadata page
The Organization value is derived from the org profile (repo owner) and
was shown as a read-only field; it added no value, so remove it entirely
from the settings page. The DerivedOrgName model method stays (API still
derives org on read). See #771.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 20:43:52 -05:00
jmiller c3b4418216 chore: sync version-set.yml from Template-Go [skip ci] 2026-07-14 21:14:30 +00:00
jmiller 24e24a5f75 chore: sync standards-compliance.yml from Template-Go [skip ci] 2026-07-14 21:14:22 +00:00
jmiller 18aeb85b2e chore: sync repo-health.yml from Template-Go [skip ci] 2026-07-14 21:14:11 +00:00
jmiller cdce9157a4 chore: sync rc-revert.yml from Template-Go [skip ci] 2026-07-14 21:13:59 +00:00
jmiller 5ad84d831f chore: sync pre-release.yml from Template-Go [skip ci] 2026-07-14 21:13:50 +00:00
jmiller 22c9699534 chore: sync pr-check.yml from Template-Go [skip ci] 2026-07-14 21:13:41 +00:00
jmiller 08414bdb1a chore: sync notify.yml from Template-Go [skip ci] 2026-07-14 21:13:32 +00:00
jmiller 5db111c944 chore: sync issue-branch.yml from Template-Go [skip ci] 2026-07-14 21:13:22 +00:00
jmiller eaa3cdee7d chore: sync gitleaks.yml from Template-Go [skip ci] 2026-07-14 21:13:10 +00:00
jmiller 067dc74894 chore: sync deploy-rc.yml from Template-Go [skip ci] 2026-07-14 21:13:00 +00:00
jmiller d7c91a001b chore: sync deploy-prod.yml from Template-Go [skip ci] 2026-07-14 21:12:51 +00:00
jmiller 7fc04c8fb7 chore: sync deploy-dev.yml from Template-Go [skip ci] 2026-07-14 21:12:43 +00:00
jmiller fb758f7227 chore: sync cleanup.yml from Template-Go [skip ci] 2026-07-14 21:12:35 +00:00
jmiller 4b7f42f9d5 chore: sync ci-issue-reporter.yml from Template-Go [skip ci] 2026-07-14 21:12:26 +00:00
jmiller ef395e61a9 chore: sync ci-generic.yml from Template-Go [skip ci] 2026-07-14 21:12:19 +00:00
jmiller 5dd416a4a2 chore: sync cascade-dev.yml from Template-Go [skip ci] 2026-07-14 21:12:12 +00:00
jmiller 28792802ec chore: sync branch-cleanup.yml from Template-Go [skip ci] 2026-07-14 21:12:05 +00:00
jmiller 2a4841f6e7 chore: sync auto-release.yml from Template-Go [skip ci] 2026-07-14 21:11:59 +00:00
jmiller bdf2646a04 chore: sync auto-bump.yml from Template-Go [skip ci] 2026-07-14 21:11:53 +00:00
jmiller 72e6b46cde refactor: complete MokoGitea -> MokoGIT rebrand
- Branding: default app name MokoGitea -> MokoGIT; all standalone
  'MokoGitea' brand strings, comments, and copyright headers -> MokoGIT
- Special repo/config names: .mokogitea/.mokogitea-private -> .mokogit/
  .mokogit-private (workflow discovery, issue/PR templates, profile+wiki
  repo names in header.go, config dir renamed)
- Lowercase: mokogitea -> mokogit (docker image refs, ntfy topic, mail
  tags, wiki docs, Joomla element/targetplatform, MCP package docs)
- Actions system user mokogitea-actions -> mokogit-actions + DB
  migration #369 to rename the existing id=-2 user in place
- Icon: bundle Moko favicon.svg as public/assets/img/{favicon,logo}.svg;
  wire PWA manifest (SiteManifest) + nav logo to the SVG
- CHANGELOG entry documenting the rebrand

Shared MOKOGITEA_* CI/compose env + org-secret names are intentionally
left for the coordinated server cutover to avoid breaking cross-repo CI.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 15:51:26 -05:00
jmiller bab29a83fa refactor: rename Go module path MokoConsulting/MokoGitea -> MokoConsulting/MokoGIT
Sweep all .go imports + go.mod, plus module-path refs in .golangci.yml,
Dockerfile, swagger templates, locale example, and repo/wiki URLs
(MokoGitea-Fork -> MokoGIT). Part of the MokoGIT rebrand.

Claude-Session: https://claude.ai/code/session_01Bqe7fAuHQeiLueYfeHFrHw
2026-07-14 15:31:19 -05:00
jmiller 2c33645107 chore: sync deploy-rc.yml from Template-Go [skip ci] 2026-07-14 14:11:57 +00:00
jmiller 4d15e6ccb8 chore: sync deploy-prod.yml from Template-Go [skip ci] 2026-07-14 14:11:51 +00:00
jmiller d931c71937 chore: sync deploy-dev.yml from Template-Go [skip ci] 2026-07-14 14:11:45 +00:00
jmiller 2ae0fa7920 chore: sync auto-release.yml from Template-Go [skip ci] 2026-07-14 14:11:37 +00:00
jmiller d1f3118a75 Merge pull request 'release: rc -> main (stable) — admin-configurable metadata platform (#777)' (#786) from rc into main
Generic: Standards Compliance / Secret Scanning (push) Failing after 7s
Generic: Standards Compliance / License Header Validation (push) Successful in 7s
Generic: Standards Compliance / Repository Structure Validation (push) Successful in 7s
Generic: Standards Compliance / Coding Standards Check (push) Successful in 9s
Generic: Standards Compliance / Workflow Configuration Check (push) Failing after 6s
Generic: Standards Compliance / Documentation Quality Check (push) Successful in 6s
Generic: Standards Compliance / README Completeness Check (push) Failing after 6s
Generic: Standards Compliance / Version Consistency Check (push) Successful in 58s
Generic: Standards Compliance / Script Integrity Validation (push) Successful in 10s
Generic: Standards Compliance / Line Length Check (push) Successful in 20s
Generic: Standards Compliance / Git Repository Hygiene (push) Successful in 1m8s
Generic: Standards Compliance / File Naming Standards (push) Successful in 7s
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 8s
Generic: Standards Compliance / Code Complexity Analysis (push) Successful in 1m9s
Generic: Standards Compliance / Code Duplication Detection (push) Successful in 1m11s
Generic: Standards Compliance / Dead Code Detection (push) Successful in 13s
Generic: Standards Compliance / File Size Limits (push) Successful in 9s
Generic: Standards Compliance / TODO/FIXME Tracking (push) Successful in 8s
Deploy (Prod) / Build & Deploy to Prod (push) Successful in 4m34s
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 46s
Generic: Standards Compliance / Broken Link Detection (push) Successful in 8s
Generic: Standards Compliance / API Documentation Coverage (push) Successful in 5s
Generic: Standards Compliance / Accessibility Check (push) Successful in 6s
Generic: Standards Compliance / Performance Metrics (push) Successful in 5s
Generic: Standards Compliance / Binary File Detection (push) Successful in 1m22s
Generic: Standards Compliance / Unused Dependencies Check (push) Successful in 45s
Generic: Standards Compliance / Terraform Configuration Validation (push) Successful in 10s
Generic: Standards Compliance / Enterprise Readiness Check (push) Successful in 44s
Generic: Standards Compliance / Repository Health Check (push) Successful in 45s
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-07-14 08:48:10 +00:00
jmiller 45852ad4ed Merge pull request 'chore(sync): cascade main -> dev' (#785) from main into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 58s
Deploy (Dev) / Build & Deploy to Dev (push) Successful in 4m22s
2026-07-14 07:24:16 +00:00
jmiller 9ac91f6f28 chore: sync version-set.yml from Template-Go [skip ci]
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
2026-07-14 04:43:54 +00:00
jmiller c067b67db5 chore: sync repo-health.yml from Template-Go [skip ci] 2026-07-14 04:43:44 +00:00
jmiller bf2aa07768 chore: sync rc-revert.yml from Template-Go [skip ci] 2026-07-14 04:43:36 +00:00
jmiller a21eebeaad chore: sync pre-release.yml from Template-Go [skip ci] 2026-07-14 04:43:29 +00:00
jmiller 9239c931f2 chore: sync pr-check.yml from Template-Go [skip ci] 2026-07-14 04:43:21 +00:00
jmiller 9421bff48b chore: sync notify.yml from Template-Go [skip ci] 2026-07-14 04:43:12 +00:00
jmiller 85a904586e chore: sync issue-branch.yml from Template-Go [skip ci] 2026-07-14 04:43:04 +00:00
jmiller f2864130b7 chore: sync gitleaks.yml from Template-Go [skip ci] 2026-07-14 04:42:56 +00:00
jmiller 8681c3d5ee chore: sync cleanup.yml from Template-Go [skip ci] 2026-07-14 04:42:46 +00:00
jmiller 6ccb3f7027 chore: sync ci-issue-reporter.yml from Template-Go [skip ci] 2026-07-14 04:42:38 +00:00
jmiller 3a375e41d6 chore: sync ci-generic.yml from Template-Go [skip ci] 2026-07-14 04:42:30 +00:00
jmiller b48846eaf1 chore: sync cascade-dev.yml from Template-Go [skip ci] 2026-07-14 04:42:22 +00:00
jmiller 8504c96589 chore: sync branch-cleanup.yml from Template-Go [skip ci] 2026-07-14 04:42:15 +00:00
jmiller 38d7c040ce chore: sync auto-release.yml from Template-Go [skip ci] 2026-07-14 04:42:09 +00:00
jmiller dc6b3dbf16 chore: sync auto-bump.yml from Template-Go [skip ci] 2026-07-14 04:42:02 +00:00
jmiller 612de01a6f Merge pull request 'ci: adopt standard go deploy workflows (deploy-dev/prod)' (#783) from chore/adopt-standard-deploy into main
Cascade Main -> Dev / Cascade main -> dev (push) Has been cancelled
Deploy (Prod) / Build & Deploy to Prod (push) Has been cancelled
Generic: Standards Compliance / Secret Scanning (push) Has been cancelled
Generic: Standards Compliance / License Header Validation (push) Has been cancelled
Generic: Standards Compliance / Repository Structure Validation (push) Has been cancelled
Generic: Standards Compliance / Version Consistency Check (push) Has been cancelled
Generic: Standards Compliance / Workflow Configuration Check (push) Has been cancelled
Generic: Standards Compliance / Documentation Quality Check (push) Has been cancelled
Generic: Standards Compliance / README Completeness Check (push) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (push) Has been cancelled
Generic: Standards Compliance / Script Integrity Validation (push) Has been cancelled
Generic: Standards Compliance / Line Length Check (push) Has been cancelled
Generic: Standards Compliance / File Naming Standards (push) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (push) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (push) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (push) Has been cancelled
Generic: Standards Compliance / File Size Limits (push) Has been cancelled
Generic: Standards Compliance / Binary File Detection (push) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (push) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (push) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (push) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (push) Has been cancelled
Generic: Standards Compliance / Accessibility Check (push) Has been cancelled
Generic: Standards Compliance / Performance Metrics (push) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (push) Has been cancelled
Generic: Standards Compliance / Repository Health Check (push) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (push) Has been cancelled
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Generic: Standards Compliance / Coding Standards Check (push) Has been cancelled
2026-07-14 03:30:39 +00:00
jmiller 6f6a7b32c4 ci: adopt standard go deploy workflows (deploy-dev/prod)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 51s
Generic: Project CI / Lint & Validate (pull_request) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
PR RC Release / Build RC Release (pull_request) Has been cancelled
Universal: PR Check / Branch Policy (pull_request) Has been cancelled
Universal: PR Check / Require Docs Update (pull_request) Has been cancelled
Universal: PR Check / Wiki Update Reminder (pull_request) Has been cancelled
Universal: PR Check / Secret Scan (pull_request) Has been cancelled
Universal: PR Check / Validate PR (pull_request) Has been cancelled
Generic: Repo Health / Access control (pull_request) Has been cancelled
Generic: Repo Health / Site Health (pull_request) Has been cancelled
Generic: Standards Compliance / Secret Scanning (pull_request) Has been cancelled
Generic: Standards Compliance / License Header Validation (pull_request) Has been cancelled
Generic: Standards Compliance / Repository Structure Validation (pull_request) Has been cancelled
Generic: Standards Compliance / Coding Standards Check (pull_request) Has been cancelled
Generic: Standards Compliance / Version Consistency Check (pull_request) Has been cancelled
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Has been cancelled
Generic: Standards Compliance / Documentation Quality Check (pull_request) Has been cancelled
Generic: Standards Compliance / README Completeness Check (pull_request) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Has been cancelled
Generic: Standards Compliance / Script Integrity Validation (pull_request) Has been cancelled
Generic: Standards Compliance / Line Length Check (pull_request) Has been cancelled
Generic: Standards Compliance / File Naming Standards (pull_request) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (pull_request) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (pull_request) Has been cancelled
Generic: Standards Compliance / File Size Limits (pull_request) Has been cancelled
Generic: Standards Compliance / Binary File Detection (pull_request) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (pull_request) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (pull_request) Has been cancelled
Generic: Standards Compliance / Accessibility Check (pull_request) Has been cancelled
Generic: Standards Compliance / Performance Metrics (pull_request) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Has been cancelled
Generic: Standards Compliance / Repository Health Check (pull_request) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Has been cancelled
RC Revert / Rename rc/ back to dev/ (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
2026-07-14 03:30:26 +00:00
jmiller 4b5cadfd79 Merge pull request 'feat(metadata): admin-configurable platform dropdown options (#777)' (#782) from feature/metadata-platform-configurable into dev
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Has been cancelled
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m5s
Deploy (RC) / Build & Deploy to RC (push) Successful in 3m52s
Generic: Project CI / Lint & Validate (pull_request) Successful in 29s
Generic: Project CI / Tests (pull_request) Successful in 28s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 53s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 7s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 8s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 8s
Universal: PR Check / Require Docs Update (pull_request) Failing after 1m9s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 10s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m16s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 7s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 7s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 9s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 10s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m20s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 17s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 7s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 57s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 6s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 57s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 8s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 49s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 50s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 7s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 45s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 42s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 6s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 6s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 5s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m25s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 12s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 52s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 52s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
2026-07-14 03:28:46 +00:00
jmiller 506e4a49d6 feat(metadata): admin-configurable platform dropdown options
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 29s
Generic: Project CI / Tests (pull_request) Successful in 29s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Universal: PR Check / Secret Scan (pull_request) Successful in 44s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Has been cancelled
RC Revert / Rename rc/ back to dev/ (pull_request) Has been cancelled
The repo metadata 'platform' field was a hardcoded enum; changing the
taxonomy meant a code change + redeploy. Make it admin-configurable:

- modules/setting/metadata.go: new [metadata] PLATFORM_OPTIONS setting
  (default joomla,dolibarr,go,npm,generic), loaded in loadCommonSettingsFrom
- routers/web/admin/metadata.go + templates/admin/metadata.tmpl: new
  Admin -> Metadata page to edit the list (persisted to app.ini), with a
  nav entry and route
- routers/web/repo/setting/metadata.go + template: platform dropdown now
  reads from the setting; a repo's current value stays selectable even if
  removed from the list (no silent drop)

Closes #777
2026-07-13 17:27:03 -05:00
jmiller dd801ccce5 Merge pull request 'chore(sync): cascade main -> dev' (#781) from main into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m15s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 3m29s
2026-07-13 21:36:16 +00:00
jmiller b5d03ab769 Merge pull request 'chore(ci): move deploy workflows out of custom/ to root' (#780) from chore/deploy-out-of-custom into main
Generic: Standards Compliance / Secret Scanning (push) Has been cancelled
Generic: Standards Compliance / License Header Validation (push) Has been cancelled
Generic: Standards Compliance / Repository Structure Validation (push) Has been cancelled
Generic: Standards Compliance / Coding Standards Check (push) Has been cancelled
Generic: Standards Compliance / Version Consistency Check (push) Has been cancelled
Generic: Standards Compliance / Workflow Configuration Check (push) Has been cancelled
Generic: Standards Compliance / Documentation Quality Check (push) Has been cancelled
Generic: Standards Compliance / README Completeness Check (push) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (push) Has been cancelled
Generic: Standards Compliance / Script Integrity Validation (push) Has been cancelled
Generic: Standards Compliance / Line Length Check (push) Has been cancelled
Generic: Standards Compliance / File Naming Standards (push) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (push) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (push) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (push) Has been cancelled
Generic: Standards Compliance / File Size Limits (push) Has been cancelled
Generic: Standards Compliance / Binary File Detection (push) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (push) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (push) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (push) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (push) Has been cancelled
Generic: Standards Compliance / Accessibility Check (push) Has been cancelled
Generic: Standards Compliance / Performance Metrics (push) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (push) Has been cancelled
Generic: Standards Compliance / Repository Health Check (push) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (push) Has been cancelled
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 1m2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 32s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Successful in 27s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Deploy MokoGitea / deploy (push) Successful in 4m53s
2026-07-13 21:27:47 +00:00
jmiller 78b7c9e4af chore(ci): move deploy workflows out of custom/ to root
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 29s
Generic: Project CI / Tests (pull_request) Successful in 29s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 47s
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 8s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 8s
Universal: PR Check / Secret Scan (pull_request) Successful in 55s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 7s
Universal: PR Check / Require Docs Update (pull_request) Failing after 1m3s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 9s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 7s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 6s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 6s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 8s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 16s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 46s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 6s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 7s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 42s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 9s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 49s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 6s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 51s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 42s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 46s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 6s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m25s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 6s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 6s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 11s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 43s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 43s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
Deploy workflows in go/npm repos live in the workflows root, not custom/
(mirrors npm repos' npm-publish.yml in root). The sync's curated set does
not include deploy-*, so root placement is not clobbered. Moved: deploy-dev.yml, deploy-mokogitea.yml, deploy-rc.yml
2026-07-13 21:27:36 +00:00
jmiller 56d33c2e3a Merge pull request 'chore(ci): move repo-specific workflows to workflows/custom/' (#779) from chore/move-custom-workflows-to-custom into main
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 53s
Generic: Standards Compliance / Secret Scanning (push) Has been cancelled
Generic: Standards Compliance / License Header Validation (push) Has been cancelled
Generic: Standards Compliance / Repository Structure Validation (push) Has been cancelled
Generic: Standards Compliance / Coding Standards Check (push) Has been cancelled
Generic: Standards Compliance / Version Consistency Check (push) Has been cancelled
Generic: Standards Compliance / Workflow Configuration Check (push) Has been cancelled
Generic: Standards Compliance / Documentation Quality Check (push) Has been cancelled
Generic: Standards Compliance / README Completeness Check (push) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (push) Has been cancelled
Generic: Standards Compliance / Script Integrity Validation (push) Has been cancelled
Generic: Standards Compliance / Line Length Check (push) Has been cancelled
Generic: Standards Compliance / File Naming Standards (push) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (push) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (push) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (push) Has been cancelled
Generic: Standards Compliance / File Size Limits (push) Has been cancelled
Generic: Standards Compliance / Binary File Detection (push) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (push) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (push) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (push) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (push) Has been cancelled
Generic: Standards Compliance / Accessibility Check (push) Has been cancelled
Generic: Standards Compliance / Performance Metrics (push) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (push) Has been cancelled
Generic: Standards Compliance / Repository Health Check (push) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (push) Has been cancelled
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
Deploy MokoGitea / deploy (push) Successful in 4m1s
2026-07-13 21:19:36 +00:00
jmiller 385b96fda7 chore(ci): move repo-specific workflows to workflows/custom/
Generic: Project CI / Lint & Validate (pull_request) Successful in 34s
Generic: Project CI / Tests (pull_request) Successful in 30s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 1m17s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m26s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 8s
Universal: PR Check / Require Docs Update (pull_request) Failing after 1m8s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 7s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 8s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m14s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 8s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 7s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 7s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 6s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 9s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 16s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 6s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 50s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 6s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 53s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 8s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 44s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 43s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 6s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 43s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 42s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 5s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 5s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 6s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m22s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 11s
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 44s
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 46s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
These are repo-specific (not platform-standard) and belong in custom/ so
the workflow sync never distributes/clobbers them. They still run here
(Gitea Actions executes custom/). Moved: deploy-rc.yml
2026-07-13 21:19:28 +00:00
jmiller fab2e2a2e2 Merge pull request 'chore(ci): remove template-only sync workflows from root' (#778) from chore/remove-template-sync-leaks into main
Cascade Main -> Dev / Cascade main -> dev (push) Has been cancelled
Deploy MokoGitea / deploy (push) Has been cancelled
Generic: Standards Compliance / Secret Scanning (push) Has been cancelled
Generic: Standards Compliance / License Header Validation (push) Has been cancelled
Generic: Standards Compliance / Repository Structure Validation (push) Has been cancelled
Generic: Standards Compliance / Coding Standards Check (push) Has been cancelled
Generic: Standards Compliance / Version Consistency Check (push) Has been cancelled
Generic: Standards Compliance / Workflow Configuration Check (push) Has been cancelled
Generic: Standards Compliance / Documentation Quality Check (push) Has been cancelled
Generic: Standards Compliance / README Completeness Check (push) Has been cancelled
Generic: Standards Compliance / Git Repository Hygiene (push) Has been cancelled
Generic: Standards Compliance / Script Integrity Validation (push) Has been cancelled
Generic: Standards Compliance / Line Length Check (push) Has been cancelled
Generic: Standards Compliance / File Naming Standards (push) Has been cancelled
Generic: Standards Compliance / Insecure Code Pattern Detection (push) Has been cancelled
Generic: Standards Compliance / Code Complexity Analysis (push) Has been cancelled
Generic: Standards Compliance / Code Duplication Detection (push) Has been cancelled
Generic: Standards Compliance / Dead Code Detection (push) Has been cancelled
Generic: Standards Compliance / File Size Limits (push) Has been cancelled
Generic: Standards Compliance / Binary File Detection (push) Has been cancelled
Generic: Standards Compliance / TODO/FIXME Tracking (push) Has been cancelled
Generic: Standards Compliance / Dependency Vulnerability Scanning (push) Has been cancelled
Generic: Standards Compliance / Unused Dependencies Check (push) Has been cancelled
Generic: Standards Compliance / Broken Link Detection (push) Has been cancelled
Generic: Standards Compliance / API Documentation Coverage (push) Has been cancelled
Generic: Standards Compliance / Accessibility Check (push) Has been cancelled
Generic: Standards Compliance / Performance Metrics (push) Has been cancelled
Generic: Standards Compliance / Enterprise Readiness Check (push) Has been cancelled
Generic: Standards Compliance / Repository Health Check (push) Has been cancelled
Generic: Standards Compliance / Terraform Configuration Validation (push) Has been cancelled
Generic: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-07-13 20:45:08 +00:00
jmiller c537c63e98 chore(ci): remove template-only sync workflows from root
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m10s
Generic: Project CI / Lint & Validate (pull_request) Successful in 29s
Generic: Project CI / Tests (pull_request) Successful in 28s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 45s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Standards Compliance / Secret Scanning (pull_request) Failing after 7s
Generic: Standards Compliance / License Header Validation (pull_request) Successful in 7s
Universal: PR Check / Require Docs Update (pull_request) Failing after 45s
Generic: Standards Compliance / Repository Structure Validation (pull_request) Successful in 6s
Universal: PR Check / Secret Scan (pull_request) Successful in 48s
Generic: Standards Compliance / Coding Standards Check (pull_request) Successful in 8s
Generic: Standards Compliance / Workflow Configuration Check (pull_request) Failing after 6s
Generic: Standards Compliance / Documentation Quality Check (pull_request) Successful in 5s
Generic: Standards Compliance / README Completeness Check (pull_request) Failing after 6s
Generic: Standards Compliance / Script Integrity Validation (pull_request) Successful in 6s
Generic: Standards Compliance / Line Length Check (pull_request) Successful in 13s
Generic: Standards Compliance / File Naming Standards (pull_request) Successful in 6s
Generic: Standards Compliance / Version Consistency Check (pull_request) Successful in 43s
Generic: Standards Compliance / Insecure Code Pattern Detection (pull_request) Successful in 6s
Generic: Standards Compliance / Git Repository Hygiene (pull_request) Successful in 37s
Generic: Standards Compliance / Dead Code Detection (pull_request) Successful in 7s
Generic: Standards Compliance / File Size Limits (pull_request) Successful in 6s
Generic: Standards Compliance / Code Complexity Analysis (pull_request) Successful in 41s
Generic: Standards Compliance / Code Duplication Detection (pull_request) Successful in 40s
Generic: Standards Compliance / TODO/FIXME Tracking (pull_request) Successful in 6s
Generic: Standards Compliance / Dependency Vulnerability Scanning (pull_request) Successful in 43s
Generic: Standards Compliance / Unused Dependencies Check (pull_request) Successful in 40s
Generic: Standards Compliance / API Documentation Coverage (pull_request) Successful in 6s
Generic: Standards Compliance / Broken Link Detection (pull_request) Successful in 8s
Generic: Standards Compliance / Binary File Detection (pull_request) Successful in 1m21s
Generic: Standards Compliance / Accessibility Check (pull_request) Successful in 6s
Generic: Standards Compliance / Performance Metrics (pull_request) Successful in 6s
Generic: Standards Compliance / Terraform Configuration Validation (pull_request) Successful in 10s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Standards Compliance / Enterprise Readiness Check (pull_request) Successful in 46s
Generic: Standards Compliance / Repository Health Check (pull_request) Successful in 46s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Generic: Standards Compliance / Compliance Summary (pull_request) Has been cancelled
sync-on-merge.yml and workflow-sync-trigger.yml are template-only (gated
if: Template-*), dead no-ops in this child repo, inherited at scaffold time.
sync-on-merge.yml is also broken. The real sync lives in the templates'
workflows/custom/.
2026-07-13 20:44:53 +00:00
jmiller 0fc4adf1a7 chore: sync standards-compliance.yml from Template-Generic [skip ci] 2026-07-13 19:51:27 +00:00
jmiller affba0a2cd chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-13 16:21:58 +00:00
jmiller 66017e1668 chore: sync cascade-dev.yml from Template-Generic [skip ci] 2026-07-13 16:21:51 +00:00
jmiller 0a66dacb86 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-13 16:21:45 +00:00
jmiller ae1aa3e21a chore: sync standards-compliance.yml from Template-Generic [skip ci] 2026-07-13 15:58:20 +00:00
jmiller f2dd391bca chore: sync workflow-sync-trigger.yml from Template-Generic [skip ci] 2026-07-13 15:48:35 +00:00
jmiller 485d6be31c chore: sync version-set.yml from Template-Generic [skip ci] 2026-07-13 15:48:27 +00:00
jmiller 2d42b4e475 chore: sync sync-on-merge.yml from Template-Generic [skip ci] 2026-07-13 15:48:19 +00:00
jmiller b5ce7fadcc chore: sync repo-health.yml from Template-Generic [skip ci] 2026-07-13 15:48:11 +00:00
jmiller 4972cf71bc chore: sync rc-revert.yml from Template-Generic [skip ci] 2026-07-13 15:48:03 +00:00
jmiller 9e8d4c43bb chore: sync pre-release.yml from Template-Generic [skip ci] 2026-07-13 15:47:55 +00:00
jmiller c0c121dfb5 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-13 15:47:47 +00:00
jmiller 5bc475e8f5 chore: sync notify.yml from Template-Generic [skip ci] 2026-07-13 15:47:40 +00:00
jmiller 1f0fe7012d chore: sync issue-branch.yml from Template-Generic [skip ci] 2026-07-13 15:47:31 +00:00
jmiller b902244949 chore: sync gitleaks.yml from Template-Generic [skip ci] 2026-07-13 15:47:24 +00:00
jmiller c37ada7874 chore: sync cleanup.yml from Template-Generic [skip ci] 2026-07-13 15:47:16 +00:00
jmiller 9496c7c42d chore: sync ci-issue-reporter.yml from Template-Generic [skip ci] 2026-07-13 15:47:08 +00:00
jmiller a049052e5a chore: sync ci-generic.yml from Template-Generic [skip ci] 2026-07-13 15:47:01 +00:00
jmiller fc66f8968f chore: sync cascade-dev.yml from Template-Generic [skip ci] 2026-07-13 15:46:55 +00:00
jmiller b0885f6da3 chore: sync branch-cleanup.yml from Template-Generic [skip ci] 2026-07-13 15:46:48 +00:00
jmiller 1a2e33abb3 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-13 15:46:42 +00:00
jmiller 6aeb087613 chore: sync auto-bump.yml from Template-Generic [skip ci] 2026-07-13 15:46:35 +00:00
jmiller 94e6030e58 chore: sync standards-compliance.yml from Template-Generic [skip ci] 2026-07-13 15:28:50 +00:00
jmiller 02c2033caa chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-13 09:28:24 +00:00
jmiller 9edfeb6075 chore: sync notify.yml from Template-Generic [skip ci] 2026-07-13 09:28:19 +00:00
jmiller ada91a9bc1 Merge pull request 'chore(sync): cascade main -> dev' (#776) from main into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m9s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 3m57s
2026-07-13 00:47:23 +00:00
jmiller 3ce6fd3e08 Merge pull request 'fix(branding): app icon follows the Nav Icon upload (#773)' (#774) from fix/app-icon-follows-nav-icon into main
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 3s
Generic: Project CI / Lint & Validate (pull_request) Successful in 28s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Generic: Project CI / Tests (pull_request) Successful in 29s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 41s
Deploy MokoGitea / deploy (push) Successful in 5m3s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-07-13 00:43:38 +00:00
jmiller dc14a3fcfc Merge remote-tracking branch 'origin/main' into fix/app-icon-follows-nav-icon
Generic: Project CI / Lint & Validate (pull_request) Successful in 33s
Generic: Project CI / Tests (pull_request) Successful in 39s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m41s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 1m10s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Require Docs Update (pull_request) Failing after 43s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 30s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m54s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
# Conflicts:
#	CHANGELOG.md
2026-07-12 19:42:54 -05:00
jmiller f991f209d1 Merge pull request 'chore(sync): cascade main -> dev' (#775) from main into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m12s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 4m36s
2026-07-13 00:41:18 +00:00
jmiller 6093300fbb Merge pull request 'fix(metadata): derive org from org profile instead of storing it (#771)' (#772) from fix/metadata-org-derived-from-profile into main
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 5s
Generic: Project CI / Lint & Validate (pull_request) Successful in 31s
Generic: Project CI / Tests (pull_request) Successful in 31s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 47s
Deploy MokoGitea / deploy (push) Successful in 5m48s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-07-13 00:40:52 +00:00
jmiller 793e4885e8 ci: re-trigger checks after runner recovery
Generic: Project CI / Tests (pull_request) Successful in 30s
Generic: Project CI / Lint & Validate (pull_request) Successful in 32s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 31s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 55s
Universal: PR Check / Require Docs Update (pull_request) Failing after 34s
Universal: PR Check / Secret Scan (pull_request) Successful in 35s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m9s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
No code change. The prior run was canceled at 0s because all ubuntu-latest
runners were offline; this re-fires CI now that a runner is back. Ref #771.
2026-07-12 19:37:51 -05:00
jmiller f4be31183f refactor(branding): write each icon target independently on upload
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 32s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 24s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Project CI / Lint & Validate (pull_request) Successful in 34s
Generic: Project CI / Tests (pull_request) Successful in 34s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Require Docs Update (pull_request) Failing after 25s
Universal: PR Check / Secret Scan (pull_request) Successful in 26s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Rewind the uploaded stream between targets and write/close each file in
turn instead of a shared io.MultiWriter, so a failure writing a later
target (e.g. logo.png) can never leave an earlier one (logo-small.png)
truncated. Addresses review feedback on #774.
2026-07-12 19:02:14 -05:00
jmiller 3d0cb7d98c fix(branding): app icon follows the Nav Icon upload
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 38s
Universal: Build & Release / Promote to RC (pull_request) Failing after 9s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
PR RC Release / Build RC Release (pull_request) Has been cancelled
Universal: PR Check / Branch Policy (pull_request) Has been cancelled
Universal: PR Check / Require Docs Update (pull_request) Has been cancelled
Universal: PR Check / Wiki Update Reminder (pull_request) Has been cancelled
Universal: PR Check / Secret Scan (pull_request) Has been cancelled
Universal: PR Check / Validate PR (pull_request) Has been cancelled
Generic: Repo Health / Access control (pull_request) Has been cancelled
Generic: Repo Health / Site Health (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The app icon (logo.png) is the PWA/web-manifest icon and the navbar
fallback, but had no Branding control, so it stayed the shipped default
even on a fully branded instance. Uploading the Nav Icon now also writes
logo.png (single io.MultiWriter pass), and resetting the Nav Icon reverts
both to the built-in default.

Closes #773
2026-07-12 18:45:11 -05:00
jmiller 7f436128fd fix(metadata): derive org from org profile instead of storing it
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 29s
Universal: Build & Release / Promote to RC (pull_request) Failing after 8s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
PR RC Release / Build RC Release (pull_request) Has been cancelled
Universal: PR Check / Branch Policy (pull_request) Has been cancelled
Universal: PR Check / Require Docs Update (pull_request) Has been cancelled
Universal: PR Check / Wiki Update Reminder (pull_request) Has been cancelled
Universal: PR Check / Secret Scan (pull_request) Has been cancelled
Universal: PR Check / Validate PR (pull_request) Has been cancelled
Generic: Repo Health / Access control (pull_request) Has been cancelled
Generic: Repo Health / Site Health (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The repo metadata org field was a stored, editable value that snapshotted
the owner name and could drift when an organization was renamed. It is now
derived from the org profile (repository owner) on read and is read-only.

- models/repo/repo.go: add Repository.DerivedOrgName (owner FullName, falling
  back to the handle, then the denormalized OwnerName)
- models/repo/repo_manifest.go: drop the Org struct field
- models/migrations/v1_27/v369.go + migrations.go: migration #368 drops the
  repo_manifest.org column
- routers/api/v1/repo/manifest.go: derive org in the response, ignore it on write
- routers/web/repo/setting/metadata.go + templates: show org read-only (derived)
- services/updateserver/joomla.go: use DerivedOrgName for the feed maintainer

Closes #771
2026-07-12 18:35:31 -05:00
jmiller 010d3dcbcf chore: sync pre-release.yml from Template-Generic [skip ci] 2026-07-06 17:04:06 +00:00
jmiller 8242e5713a fix(ci): robust prod deploy workflow (#758) [skip ci]
Land deploy-mokogitea.yml robustness fix on main. [skip ci] — workflow-file-only change; no rebuild/redeploy needed (prod already live on stable-289 from #733).
2026-07-06 15:57:46 +00:00
jmiller a7220ddb2b fix(ci): robust prod deploy — drop dev-health gate, no tier-clobbering sed, rm -f before recreate
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 42s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 36s
Generic: Project CI / Tests (pull_request) Successful in 36s
Universal: PR Check / Secret Scan (pull_request) Successful in 56s
Universal: PR Check / Require Docs Update (pull_request) Failing after 1m11s
PR RC Release / Build RC Release (pull_request) Successful in 1m13s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The prod deploy (deploy-mokogitea.yml, on push to main) failed the #733 release and
silently corrupted the shared compose. Three fixes:
- Removed the 'Verify dev environment is healthy' gate: it curled git.dev and exit 1
  on failure, so a dev blip false-negatives the PROD deploy (wrong-tier gate; the
  dev->rc->main pipeline + RC env is the real gate).
- Replaced 'sed s|mokogitea:...|:$TAG|' (matched ALL mokogitea service lines and
  clobbered the dev+rc ${MOKOGITEA_*_TAG} env-vars with the prod tag) with the
  env-var pattern: env $TAG_ENV=$TAG docker compose up -- drives only the target
  service, no sed.
- Added 'docker rm -f $CONTAINER' + '-p gitea-dev' + '--force-recreate' before the
  compose up, fixing the 'Container name /mokogitea already in use' conflict.

Aligns deploy-mokogitea.yml with the fixed deploy-dev/deploy-rc pattern. Host compose
was separately restored to env-var form (the bad run had clobbered dev+rc tags).
Long-term: cut over Template-Go#5 deploy-prod.yml. Refs #733, #752.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-06 10:55:58 -05:00
jmiller 10760463f8 Merge pull request 'chore(sync): cascade main -> dev' (#757) from main into dev
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 5m45s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
2026-07-06 07:38:07 +00:00
jmiller bc3bb0f778 Merge pull request 'Release: org-wide governance series (#727) — dev → main' (#733) from dev into main
Sync Workflows to Repos / sync (push) Has been skipped
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 6s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
PR RC Release / Build RC Release (pull_request) Successful in 5s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 17s
Generic: Project CI / Lint & Validate (pull_request) Successful in 44s
Generic: Project CI / Tests (pull_request) Successful in 58s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m54s
Deploy MokoGitea / deploy (push) Failing after 5m51s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-07-06 07:37:35 +00:00
jmiller d955bac72b chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-06 03:49:59 +00:00
jmiller afc470f513 chore: sync ci-generic.yml from Template-Generic [skip ci] 2026-07-06 03:49:52 +00:00
jmiller 6505840839 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-06 03:49:44 +00:00
jmiller 7d98098a87 Merge pull request 'fix(ci): make Tests an independent job (work around Gitea needs-chain scheduler stall)' (#756) from fix/ci-generic-scheduler into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 49s
Generic: Project CI / Tests (pull_request) Successful in 51s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 1m29s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m37s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Universal: PR Check / Require Docs Update (pull_request) Successful in 1m7s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m14s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 12m25s
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m18s
2026-07-06 03:42:40 +00:00
jmiller 28b9d94658 fix(ci): make Tests an independent job to work around Gitea needs-chain scheduler stall
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 58s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 8s
Generic: Project CI / Lint & Validate (pull_request) Successful in 32s
Generic: Project CI / Tests (pull_request) Successful in 33s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Universal: PR Check / Secret Scan (pull_request) Successful in 57s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The Gitea Actions scheduler on the current build does not offer the dependent
2nd job of a needs-chain to runners: the Tests job (needs: lint) reaches
'waiting' but is never claimed even with idle, label-matching runners, then is
reaped by ABANDONED_JOB_TIMEOUT. Verified via dispatch on idle runners (run
34933: lint claimed+success, Tests waiting/runner_id 0, never scheduled).

Drop 'needs: lint' + the always() gate; guard template repos directly so Tests
runs as an independent, schedulable job.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 22:39:40 -05:00
jmiller 8d8ecf176a Merge pull request 'fix(tests): repair tests/integration compile errors (upstream API/import drift)' (#755) from fix/integration-tests-compile-wt into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m9s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m31s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Require Docs Update (pull_request) Successful in 4m17s
PR RC Release / Build RC Release (pull_request) Successful in 4m19s
Universal: PR Check / Secret Scan (pull_request) Successful in 4m19s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 5m55s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-06 03:14:18 +00:00
jmiller 7203628004 fix(tests): repair tests/integration compile errors from upstream API/import drift
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m27s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m22s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Two compile errors blocked the whole tests/integration package (prereq for the
layered test pipeline, Template-Go#4, and the clean go-compile owed by #733):

- api_packages_composer_test.go: composer.PackageMetadataResponse{} (value) used
  where *PackageMetadataResponse (pointer) is required -> take the address.
- oauth_avatar_test.go: 10 stale upstream 'code.gitea.io/gitea/' imports (never
  updated after the fork module rename) -> 'code.mokoconsulting.tech/MokoConsulting/MokoGitea/'.

go vet ./tests/integration/... now exits 0 (compiles clean).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 22:11:44 -05:00
jmiller 36a824be1d Merge pull request 'chore(manifest): remove deprecated .mokogitea/manifest.xml parser; mokoplatform→mokocli' (#754) from feature/752-chore-deploy-rebuild-redeploy-for-moko-p into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 4s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 20s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 44s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m51s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Require Docs Update (pull_request) Successful in 4m48s
PR RC Release / Build RC Release (pull_request) Successful in 4m51s
Universal: PR Check / Secret Scan (pull_request) Successful in 4m46s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 23m32s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-06 02:38:10 +00:00
jmiller fcf33d35df chore(api): remove /manifest backward-compat alias route (use /metadata)
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 14s
Universal: Auto Version Bump / Version Bump (push) Successful in 25s
Generic: Project CI / Lint & Validate (pull_request) Successful in 51s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m21s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The /manifest GET+PUT routes were backward-compat aliases for the canonical
/metadata routes. Completing the manifest->metadata migration (#752): drop the
alias so /metadata is the single path. Handlers (GetRepoMetadata/UpdateRepoMetadata)
are unchanged. The MCP already calls /metadata (mcp-mokogitea-api v1.4.2,
gitea_metadata_get/update); the stale gitea_manifest_* tools only exist in older
deployed MCP builds and drop out on redeploy.

Refs #752

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 21:07:05 -05:00
jmiller 358606e235 chore(manifest): remove deprecated .mokogitea/manifest.xml parser; mokoplatform->mokocli
Universal: Auto Version Bump / Version Bump (push) Successful in 14s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 44s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m38s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The .mokogitea/manifest.xml file is deprecated - the first-class RepoMetadata DB
fields (set via the /manifest API) are the authoritative repository metadata (see
issue #752). Remove the legacy XML auto-sync path rather than teaching it the
renamed mokocli root element:

- delete services/repository/manifest_sync.go (manifestXML parser)
- drop the SyncMetadataFromCommit call on default-branch push (push.go)
- rebrand remaining mokoplatform->mokocli refs (repo_manifest.go, v347.go comment,
  locale manifest_desc)

The RepoMetadata model, /manifest API, settings UI, and update-feed generation
(first-class fields) are unchanged. gofmt-normalized repo_manifest.go struct tags.

Refs #752

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 21:00:28 -05:00
jmiller c74173bb86 ci(deploy-rc): add workflow_dispatch for isolated manual tests
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 21s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 51s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: Auto Version Bump / Version Bump (push) Successful in 20s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m57s
PR RC Release / Build RC Release (pull_request) Successful in 5m58s
Universal: PR Check / Require Docs Update (pull_request) Successful in 6m4s
Universal: PR Check / Secret Scan (pull_request) Successful in 6m4s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 7m28s
Deploy (RC) / Build & Deploy to RC (push) Successful in 10m18s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Lets deploy-rc be run on demand (from a ref carrying current source) to verify
the RC pipeline end-to-end without a full rc promotion + pre-release.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 19:15:55 -05:00
jmiller b2447da3dd Merge pull request 'feat(ci): deploy-rc.yml — auto-deploy rc branch to the new RC environment' (#751) from feat/deploy-rc-workflow into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 10s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m53s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 5m27s
Universal: PR Check / Require Docs Update (pull_request) Successful in 5m29s
Universal: PR Check / Secret Scan (pull_request) Successful in 5m30s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 10m14s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-06 00:03:55 +00:00
jmiller 7be712571c refactor(ci): tier-scope deploy-rc variables (RC_SSH_*, RC_REGISTRY*, RC_IMAGE)
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 5s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 47s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m36s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Shared DEPLOY_HOST/PORT/USER assumed all tiers live on one host. Scope every
deploy variable to the rc tier (mirrors the org's DEV_SSH_* convention) so a repo
inheriting this template can host rc/dev/prod on separate machines independently.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 19:01:38 -05:00
jmiller 6634b049ab fix(ci): deploy-rc reuses existing DEPLOY_SSH_KEY + MOKOGITEA_TOKEN secrets
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 10s
Generic: Project CI / Lint & Validate (pull_request) Successful in 52s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m47s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The registry token is the org-wide MOKOGITEA_TOKEN secret (already configured,
used by deploy-dev/deploy-mokogitea), not a new DEPLOY_REGISTRY_TOKEN. Reuse the
existing secret names so no new secret values are needed; only the non-sensitive
tier variables get set per-repo.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 18:54:27 -05:00
jmiller 5c62cefcd3 refactor(ci): deploy-rc.yml -> root workflows, fully parameterized via repo vars/secrets
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 7s
Generic: Project CI / Lint & Validate (pull_request) Successful in 33s
Universal: PR Check / Secret Scan (pull_request) Successful in 53s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
- Moved from custom/ to the root .mokogitea/workflows/ (synced/template-owned area).
- All deployment config now comes from repo Actions variables (DEPLOY_HOST/PORT/USER,
  DEPLOY_REGISTRY/IMAGE, RC_CONTAINER/COMPOSE_PROJECT/COMPOSE_DIR/SOURCE_DIR/TAG_ENV/
  HEALTH_URL) and secrets (DEPLOY_SSH_KEY, DEPLOY_REGISTRY_TOKEN) — nothing hardcoded,
  so it works across Go server repos. Clone URL derived from github.server_url/repository.
- To become Template-Go-owned (Template-Go#3).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 18:37:33 -05:00
jmiller f2ca569906 feat(ci): deploy-rc.yml — auto-deploy the rc branch to the RC environment
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 43s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m6s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Adds a custom deploy workflow that builds and deploys the release candidate
to rc.git.mokoconsulting.tech (mokogitea-rc container, port 3110, DB
mokogitea_rc) on push to the rc branch — the branch promote-rc creates when
a PR to main is opened. Mirrors the fixed deploy-dev.yml: env-var image tag
(MOKOGITEA_RC_TAG) driving the shared compose file (no sed), rm -f before
force-recreate, quoted-heredoc remote expansion, health check + external
verify. Gives a real release-candidate environment to validate before prod.

Intended to move to Template-Go as the canonical synced source once validated
(kept in custom/ for now so it isn't overwritten by workflow sync).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 18:31:51 -05:00
jmiller b9301a8f31 Merge pull request 'feat: org branch protection per-user (username/email) allowlists + actions-bot toggle (#727)' (#750) from feature/org-branch-protection-user-allowlists into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 53s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 2s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 14s
PR RC Release / Build RC Release (pull_request) Successful in 4m28s
Universal: PR Check / Require Docs Update (pull_request) Successful in 4m57s
Universal: PR Check / Secret Scan (pull_request) Successful in 4m55s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 2m51s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 15m28s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: Auto Version Bump / Version Bump (push) Has been skipped
2026-07-05 22:54:30 +00:00
jmiller cac06c2ac7 feat: org branch protection per-user allowlists + Actions-bot toggle (#727)
Universal: Auto Version Bump / Version Bump (push) Successful in 12s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Successful in 14s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m3s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m42s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Extend org-level branch protection to support per-user allowlists (resolved
from username OR email) and an "allow Actions bot" toggle, alongside the
existing team allowlists, for all five categories (push, merge, force-push,
delete, approvals).

- models/git/org_protected_branch.go: add WhitelistUserIDs, MergeWhitelistUserIDs,
  ForcePushAllowlistUserIDs, DeleteAllowlistUserIDs, ApprovalsWhitelistUserIDs
  ([]int64) plus WhitelistActionsUser, MergeWhitelistActionsUser,
  ForcePushAllowlistActionsUser, DeleteAllowlistActionsUser (bool); copy all 9
  into ProtectedBranch in ToProtectedBranch().
- models/migrations/v1_27/v368.go: migration 367 adds the 9 columns.
- modules/structs/org_branch.go: add *Usernames []string and *ActionsUser bool
  to Create/Edit options and the response, matching repo-level json names.
- routers/api/v1/org/branch_protection.go: resolveUserIDs (username then email,
  dedupe, 422 on unknown); wire into Create + Edit and toAPIOrgBranchProtection.
- models/git/protected_branch_merge.go: add mergeAllowFlag and merge the four
  Actions-user flags most-restrictively (org can now express them); deploy-key
  flags stay repo-only pass-through.
- models/git/protected_branch_merge_test.go: mergeAllowFlag truth table, user-ID
  intersection, deploy-key pass-through.
- regenerate swagger v1 + openapi3 specs.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 17:48:47 -05:00
jmiller 6c0c2c3f1f Merge pull request 'chore(sync): cascade main -> dev' (#748) from main into dev
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m8s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 1m38s
Universal: PR Check / Wiki Update Reminder (pull_request) Successful in 9s
Universal: PR Check / Validate PR (pull_request) Successful in 17s
Generic: Repo Health / Access control (pull_request) Successful in 5s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m56s
Universal: PR Check / Require Docs Update (pull_request) Successful in 3m36s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m39s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 14m4s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 22:03:31 +00:00
jmiller 4db6f03efd Merge fix/rebrand-wiki-docs: normalize in-repo wiki branding
Cascade Main -> Dev / Cascade main -> dev (push) Successful in 13s
Universal: PR Check / Require Docs Update (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Wiki Update Reminder (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 16s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 51s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m59s
Deploy MokoGitea / deploy (push) Failing after 14m2s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-07-05 22:01:50 +00:00
jmiller bdac121b70 docs(wiki): normalize in-repo wiki branding (MokoGitea/mokocli/MokoStandards->org wiki/MokoSuite)
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m50s
2026-07-05 22:01:47 +00:00
jmiller 80a4c68063 chore: sync workflow-sync-trigger.yml from Template-Generic [skip ci] 2026-07-05 21:46:31 +00:00
jmiller 5c0bf5f214 chore: sync version-set.yml from Template-Generic [skip ci] 2026-07-05 21:46:18 +00:00
jmiller e2f8d5ce9b chore: sync repo-health.yml from Template-Generic [skip ci] 2026-07-05 21:46:08 +00:00
jmiller 1d5427f2c2 chore: sync rc-revert.yml from Template-Generic [skip ci] 2026-07-05 21:45:58 +00:00
jmiller 9d949b6294 chore: sync pre-release.yml from Template-Generic [skip ci] 2026-07-05 21:45:45 +00:00
jmiller 515e8fcdea chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-05 21:45:34 +00:00
jmiller 519966015b chore: sync notify.yml from Template-Generic [skip ci] 2026-07-05 21:45:24 +00:00
jmiller 2677caafd6 chore: sync issue-branch.yml from Template-Generic [skip ci] 2026-07-05 21:45:14 +00:00
jmiller 66148f76fa chore: sync gitleaks.yml from Template-Generic [skip ci] 2026-07-05 21:45:05 +00:00
jmiller 7a4be6ab63 chore: sync cleanup.yml from Template-Generic [skip ci] 2026-07-05 21:44:56 +00:00
jmiller c26ceaea87 chore: sync ci-issue-reporter.yml from Template-Generic [skip ci] 2026-07-05 21:44:50 +00:00
jmiller 8ba2dbf3e3 chore: sync cascade-dev.yml from Template-Generic [skip ci] 2026-07-05 21:42:28 +00:00
jmiller 44b25099ac chore: sync branch-cleanup.yml from Template-Generic [skip ci] 2026-07-05 21:42:21 +00:00
jmiller 838d1f0d28 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-05 21:42:15 +00:00
jmiller 6e0db30b3e chore: sync auto-bump.yml from Template-Generic [skip ci] 2026-07-05 21:42:09 +00:00
jmiller e2343c8fb4 chore: sync workflow-sync-trigger.yml from Template-Generic [skip ci] 2026-07-05 21:09:03 +00:00
jmiller 8e045c60fc chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-05 21:08:49 +00:00
jmiller d3a0c7534b chore: sync version-set.yml from Template-Generic [skip ci] 2026-07-05 20:43:30 +00:00
jmiller 7f0da28988 chore: sync sync-on-merge.yml from Template-Generic [skip ci] 2026-07-05 20:43:14 +00:00
jmiller 6cd1d10617 chore: sync repo-health.yml from Template-Generic [skip ci] 2026-07-05 20:42:59 +00:00
jmiller 5c8056f15e chore: sync rc-revert.yml from Template-Generic [skip ci] 2026-07-05 20:42:42 +00:00
jmiller ffaa3662e6 chore: sync pre-release.yml from Template-Generic [skip ci] 2026-07-05 20:42:24 +00:00
jmiller 1c462f9d49 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-05 20:42:05 +00:00
jmiller 8fbf97ac7e chore: sync gitleaks.yml from Template-Generic [skip ci] 2026-07-05 20:41:46 +00:00
jmiller b3448f4d62 chore: sync ci-issue-reporter.yml from Template-Generic [skip ci] 2026-07-05 20:41:21 +00:00
jmiller f72300a03f chore: sync cascade-dev.yml from Template-Generic [skip ci] 2026-07-05 20:40:53 +00:00
jmiller 08a43ec718 chore: sync branch-cleanup.yml from Template-Generic [skip ci] 2026-07-05 20:40:04 +00:00
jmiller bf2b299f87 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-05 20:39:44 +00:00
jmiller 89aa805967 chore: sync auto-bump.yml from Template-Generic [skip ci] 2026-07-05 20:39:24 +00:00
jmiller 3efbab985b Merge pull request 'fix(locale): duplicate en-US key crashes boot under jsonv2 (#696/#728)' (#743) from fix/locale-dup-key-jsonv2 into dev
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
Generic: Project CI / Lint & Validate (pull_request) Successful in 52s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 19s
PR RC Release / Build RC Release (pull_request) Successful in 4m20s
Universal: PR Check / Secret Scan (pull_request) Successful in 4m21s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 10m14s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: Auto Version Bump / Version Bump (push) Has been skipped
2026-07-05 20:32:07 +00:00
jmiller 98b1ed2f7b fix(locale): duplicate en-US key crashes server boot under jsonv2
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 41s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 47s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m39s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The branch-protection delete feature (#696/#728) added a second
"repo.settings.event_delete" entry ("Branch Deletion") to locale_en-US.json,
reusing the existing webhook-event key (value "Delete"). The old JSON decoder
silently kept the last value; Go 1.26's jsonv2 decoder rejects duplicate
object keys, so InitLocales fails ("duplicate object member name
repo.settings.event_delete") and the server crash-loops at startup. Like the
code-scanner regexp panic, this only surfaces on a fresh boot, which is why it
shipped unnoticed.

Give the branch-protection section header its own key
"repo.settings.protect_branch_deletion" and point protected_branch.tmpl at it,
so the webhook "Delete" label and the branch-protection "Branch Deletion"
header both render correctly and the JSON has no duplicate. Verified: no
duplicate keys remain in any options/locale/*.json.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 15:21:31 -05:00
jmiller ccfc9a604b Merge pull request 'fix(security): code scanner RE2 lookahead panics server at startup (#552)' (#742) from fix/code-scanner-re2-panic into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m4s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m31s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 4m7s
Universal: PR Check / Secret Scan (pull_request) Successful in 4m5s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 7m9s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 20:07:45 +00:00
jmiller 2f119fbd95 fix(security): code scanner panics at startup on RE2-incompatible regexp
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 16s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 44s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m29s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m49s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The "deserialize-yaml-py" rule in services/security/code_scanner.go used a
negative lookahead `(?!\s*#)` in regexp.MustCompile. Go's regexp engine is
RE2, which has no lookahead/lookbehind, so MustCompile panics during the
package init() — crash-looping the entire server at startup. `go build` and
`go vet` do not execute init(), and CI never boots the binary, so this
shipped to main via #552 undetected; the running instances survived only
because they predate that image.

Replace the pattern with an RE2-safe equivalent `(?i)yaml\.load\s*\(`, which
matches the rule's stated intent (flag yaml.load() without SafeLoader,
CWE-502). Add a regression test that forces the package init and asserts
every DefaultCodeRules pattern compiled, so a future RE2-incompatible
pattern fails in CI here instead of on a live deploy.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 15:06:57 -05:00
jmiller 7f229ba01c Merge pull request 'fix: org-governance release review findings + dev deploy targeting (#727, #733)' (#741) from fix/org-governance-review into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m24s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
PR RC Release / Build RC Release (pull_request) Successful in 1m32s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m43s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 6m22s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 19:51:06 +00:00
jmiller e98fca780e fix: address org-governance release review (#727, #733) + dev deploy targeting
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 50s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Code-review findings on the org-governance release:

- Fail closed on org-rule lookup error: getFirstMatchProtectedBranchRule
  swallowed FindOrgBranchRuleForBranch errors (returned nil,nil), silently
  dropping the org floor and falling back to the repo rule on a transient DB
  error. Propagate the error so the org rule stays enforced.

- Stop the org rule locking out deploy-key and Actions-bot pushes:
  OrgProtectedBranch is team-only, so mergeMostRestrictive was ANDing the
  repo's WhitelistDeployKeys / WhitelistActionsUser (and the force-push,
  delete and merge counterparts) against the org side's always-false zero
  value, blocking every deploy-key and Actions push in any org with a
  matching branch rule. Carry those org-unmanaged fields through from the
  repo rule unchanged.

- Org push-policy max-file-size now inspects only the pushed delta
  (diff-tree + cat-file --batch-check) instead of the full tip tree via
  ls-tree, so a pre-existing oversized file can no longer permanently block
  unrelated pushes. New branches (no base commit) still scan the full tree.

Dev deploy targeting:

- deploy-dev.yml drove the dev container image via `sed` on the SHARED
  compose file, but the pattern matched the *prod* service line
  (container_name: mokogitea) — leaving the dev service pinned to a stale
  image (so every "green" deploy recreated old code) while corrupting the
  prod image pin. Drive the dev service image from ${MOKOGITEA_DEV_TAG}
  instead; the env-var only affects the dev service.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 14:46:01 -05:00
jmiller 7a4dc5e809 Merge pull request 'docs(api): OpenAPI spec + README/CHANGELOG for org-governance (#727, #738)' (#739) from feat/org-governance-openapi into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 9s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m1s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 59s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m8s
PR RC Release / Build RC Release (pull_request) Successful in 2m46s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 4m25s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 15:19:08 +00:00
jmiller 8c63b00953 Merge pull request 'fix(ci): recreate dev container to avoid name conflict on deploy' (#740) from fix/deploy-dev-container-conflict into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 14s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 51s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m15s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 1m20s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m19s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Successful in 7m29s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 15:18:53 +00:00
jmiller 6b81922c47 fix(ci): recreate dev container to avoid name conflict on deploy
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m0s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 9s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 34s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m11s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
After the tag fix (#737) the dev deploy builds and pushes the image
fine but fails at `docker compose up -d` with:
  Conflict. The container name "/mokogitea-dev" is already in use

The dev service uses a fixed container_name, and the symlinked
/opt/gitea-dev path makes compose's derived project name unstable, so
an existing container is not recognized as the project's and `up`
tries to create rather than recreate. Remove any lingering
fixed-name container first, pin the compose project name, and force a
fresh recreate so migrations run against the new image.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 10:17:08 -05:00
jmiller 93365cdd95 docs(api): swagger annotations + response models for org-governance endpoints (#727, #738)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Annotate the four previously undocumented org-governance API handlers
(tag_protection, push_policy, repo_defaults, email_domain) with
swagger:operation blocks, and register the swagger:response models the
branch_protection operations already referenced. Register the org
option DTOs in the parameterBodies hack so their definitions are
emitted.

Also fix pre-existing spec-generation blockers surfaced once the spec
became regenerable: a stray comment glued to the repoUpdateManifest
swagger block (broke YAML parsing), missing owner/repo path params on
the manifest operations, a Manifest response registration, and missing
definitions for EditAccessTokenOption, the IssueBulk* options, and the
Issue{Priority,Status,Type}Def types. Regenerated v1_json.tmpl and
v1_openapi3_json.tmpl; spec now validates cleanly against Swagger 2.0.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 01:58:08 -05:00
jmiller 81ea2fcb05 docs: README org-governance feature + CHANGELOG CI fixes (#727)
Add an Org Governance entry to the README key-features list (org-wide
branch/tag protection, push policy, repo defaults, email-domain
allowlist) and record the recent build/CI fixes (#734, #735, #736,
#737) under CHANGELOG [Unreleased].

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 01:28:36 -05:00
jmiller 2713c49aec Merge pull request 'fix(ci): pass TAG/REGISTRY_TOKEN into remote shell in dev deploy' (#737) from fix/deploy-dev-var-expansion into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m13s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 2m48s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m49s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 4m55s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 06:15:01 +00:00
jmiller 3917bf6a29 fix(ci): pass TAG/REGISTRY_TOKEN into remote shell in dev deploy
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 37s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m7s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m12s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The dev deploy step used an unquoted SSH heredoc and referenced
runner-side values as \$TAG / \$REGISTRY_TOKEN, deferring their
expansion to the remote shell where those names are unset. The
Docker build tag collapsed to "mokogitea:" and every dev deploy
failed with `invalid tag ... invalid reference format` before any
migration or server boot could run.

Inject TAG and REGISTRY_TOKEN as an env prefix on the ssh command
(`TAG='...' REGISTRY_TOKEN='...' bash -s`) and switch to a quoted
heredoc so every $var expands in exactly one place: the remote host.
Also fixes HEALTH_FMT (was defined on the runner but referenced
remotely) and adds an explicit empty-TAG guard so a future
regression fails loudly instead of building an untagged image.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 01:08:32 -05:00
jmiller 89ed32e961 Merge pull request 'fix: repair unit-test compile + vet failures (partial integration cleanup)' (#736) from fix/vet-test-suite-blockers into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m7s
PR RC Release / Build RC Release (pull_request) Successful in 1m20s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m20s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 2m33s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m31s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-07-05 05:58:38 +00:00
jmiller 948e7bcd21 fix: partial repair of tests/integration compile errors (license test)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 55s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
Universal: PR Check / Secret Scan (pull_request) Successful in 57s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
api_license_keys_test.go used the outdated NewRequestWithBody signature
(passing []byte where io.Reader is now required) — wrapped the string bodies in
strings.NewReader. Note: tests/integration remains broadly pre-existing-broken
across multiple other fork-added files (api_packages_composer type mismatch,
etc.); those are a separate dedicated cleanup, not part of #727.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 00:27:30 -05:00
jmiller 5d797431f0 fix: repair pre-existing test-suite compile/vet failures
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m15s
`go vet ./...` (finally runnable with a local Go toolchain) surfaced three
pre-existing failures that prevented the whole test tree from compiling — which
is very likely why the "Project CI / Tests" job never went green. None relate to
#727; all pre-existing on main.

- modules/util/util_test.go: CryptoRandomInt/String/Bytes now return (value,
  error); the tests used single-value assignment. Updated to capture + assert
  the error (and dropped a now-redundant `var err error`).
- tests/integration/auth_oauth2_test.go: `newFakeOIDCServer` was declared twice
  with different signatures (redeclaration = build failure). Renamed the
  config-struct variant to `newFakeOIDCServerWithConfig` and updated its caller;
  the (sub, oid) variant keeps the original name for its caller.
- routers/web/repo/issue_comment.go: removed a redundant `&& statusIDStr != ""`
  duplicate condition (vet: redundant and).

Verified: `go vet ./modules/util` clean; full `go vet ./...` re-run.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 00:23:04 -05:00
jmiller 63f773aa56 Merge pull request 'fix: repair build (renamed org-visibility helper) + gofmt' (#735) from fix/compile-hasorgvisible-and-gofmt into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 18s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m28s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m28s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 1m40s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 2m44s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 05:07:58 +00:00
jmiller 125eefc650 fix: repair build (renamed org-visibility helper) + gofmt
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Successful in 19s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m8s
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m10s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m43s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Two pre-existing issues surfaced when the org-governance series was compiled
locally with a real Go toolchain (go1.26.3) for the first time:

- routers/api/v1/api.go:519 called organization.HasOrgOrUserVisible, which no
  longer exists — it was renamed to IsOwnerVisibleToDoer (models/organization/
  org.go:548, identical signature). This one missed call site meant the whole
  routers/api/v1 package (and therefore the server binary) failed `go build`.
  With the rename, `go build ./...` is clean.
- gofmt: api.go (a mis-indented commented-out /projects route block) and
  release.go (import sort: repo before updateserver) were gofmt-dirty. Fixed
  with gofmt -w on the two files this change already touches.

Not part of #727, but blocks building/releasing the fork; found while validating
the dev -> main promotion (#733).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 00:06:48 -05:00
jmiller d07cfd412b Merge pull request 'chore: remove stray package-lock.json accidentally committed to dev' (#734) from chore/remove-stray-package-lock into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m2s
Universal: PR Check / Validate PR (pull_request) Successful in 17s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m26s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m17s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 3m13s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 3m17s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 04:40:58 +00:00
jmiller bd821e2d44 chore: remove stray package-lock.json accidentally committed to dev
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m14s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m54s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
package-lock.json (13.9k lines of generated npm lockfile) was swept into the
org push-policy commit (3aac1b456c, #730) by a `git add -A` during a gofmt-fix
restack. It is not tracked on main and is not part of the org-governance work.
Removing it so the dev -> main promotion (#733) doesn't introduce it.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 23:40:16 -05:00
jmiller aeed197ea5 Merge pull request 'feat(org): org-level email domain policy for members (#727)' (#732) from feat/org-email-domain into dev
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m53s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 18s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m11s
Universal: Build & Release / Promote to RC (pull_request) Failing after 21s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m16s
PR RC Release / Build RC Release (pull_request) Successful in 1m23s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-07-05 04:34:14 +00:00
jmiller 45fc346d52 Merge pull request 'feat(org): org-level repository defaults applied on repo create/transfer (#727)' (#731) from feat/org-repo-defaults into dev
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 2m7s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 59s
2026-07-05 04:33:25 +00:00
jmiller 02071a23d6 Merge pull request 'feat(org): org-level push policy enforced in the pre-receive hook (#727)' (#730) from feat/org-push-policy into dev
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m39s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m3s
2026-07-05 04:33:09 +00:00
jmiller 3a5c6a37cf Merge pull request 'feat(org): org-level tag protection, layered with per-repo protected tags (#727)' (#729) from feat/org-tag-protection into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m28s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m15s
2026-07-05 04:32:53 +00:00
jmiller 37fb3703c7 Merge pull request 'fix(org): layer org-level branch protection with repo rules — most-restrictive wins (#727)' (#728) from fix/727-materialize-org-branch-protection into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m16s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m36s
2026-07-05 04:32:24 +00:00
jmiller 6a3db171c1 feat(org): org-level email domain policy for members (#727)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 25s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 4s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Restricts which email domains an organization's members may have. When a policy
is configured, a user can only be added to the org (via any team) if their
primary email matches one of the allowed domain globs.

Enforced at the single membership choke point services/org.AddTeamMember, which
every add path (API, web, group-sync) funnels through — so one check covers them
all. On violation it returns a typed ErrEmailDomainNotAllowed; the API team-add
handler maps it to 422.

- models/git/org_email_domain.go: OrgEmailDomainPolicy model + EmailAllowed
  (domain glob match) + OrgEmailDomainAllowed + typed error + CRUD. Migration 366.
- API: GET/PATCH/DELETE /orgs/{org}/email_domain_policy.
- Enforcement in services/org/team.go; 422 mapping in routers/api/v1/org/team.go.

An empty policy imposes no restriction. This is the one bounded piece of the
"access/security" tier; org 2FA-required and IP allowlists were deliberately NOT
built here — they are cross-cutting enforcement (auth gating / request
middleware) that needs a compiler + tests, not a blind stacked PR.

Stacked on #731/#730/#729/#728 for migration ordering (this = 366). Swagger
omitted.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.
Hand-verified: gofmt (tabs, no blank-in-block), imports (git_model added to the
api team handler, gci order), typed-error detection, migration contiguous (366).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 23:23:11 -05:00
jmiller d3134b1c53 feat(org): org-level repository defaults applied on repo create/transfer (#727)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 15s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m5s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Adds a single per-org repository-defaults config, applied to a repo when it is
created in or transferred into the org via a notifier (services/org):

- ForcePrivate — force new/transferred repos private (Repository.IsPrivate).
- PR defaults (when ApplyPRDefaults) — allowed merge styles, default merge
  style, and auto-delete-branch-after-merge, written to the repo's pull-requests
  unit config via repo_service.UpdateRepositoryUnits.

Best-effort: the notifier logs and swallows errors, so a defaults bug can never
break repository creation or transfer.

- models/git/org_repo_defaults.go: OrgRepoDefaults model + CRUD + migration 365.
- API: GET/PATCH/DELETE /orgs/{org}/repo_defaults.
- services/org/notifier.go: CreateRepository/TransferRepository -> apply defaults;
  registered from routers/init.go (org_service.Init()).

Stacked on #730/#729/#728 for migration ordering (this = 365). Swagger omitted.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.
Hand-verified: gofmt (tabs, no blank-in-block, struct/DTO alignment), imports
used, no Init() collision in services/org, migration contiguous (365), notifier
signatures match the Notifier interface.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 23:22:38 -05:00
jmiller 3aac1b456c feat(org): org-level push policy enforced in the pre-receive hook (#727)
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
PR RC Release / Build RC Release (pull_request) Successful in 5s
Universal: PR Check / Validate PR (pull_request) Successful in 15s
Generic: Project CI / Lint & Validate (pull_request) Successful in 23s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m13s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Adds a single per-org push policy that cascades to every repo of the org and is
enforced in the pre-receive hook:

- Branch/tag name conventions (glob) — a pushed ref name must match. Fail-closed.
- Mandatory secret-scanning block-on-push — org can force secret blocking that a
  repo cannot disable (overrides the per-repo scanner config in the orchestrator).
- Max pushed-file size — rejects a tip tree containing a blob over the limit.
- Blocked file-path patterns — rejects pushes changing matching paths (reuses
  pull_service.CheckFileProtection).

The two content checks (blocked paths, max size) FAIL OPEN on any error so a
policy/parsing bug can never wedge all pushes; naming is fail-closed.

- models/git/org_push_policy.go: OrgPushPolicy model + CRUD + matchers +
  GetOrgPushPolicyForRepo. Migration 364.
- API: GET/PATCH/DELETE /orgs/{org}/push_policy (routers/api/v1/org/push_policy.go,
  DTOs in modules/structs/org_push_policy.go, wired in api.go).
- Enforcement: routers/private/hook_pre_receive.go (branch: naming + blocked paths
  + max size; tag: naming) and services/security/orchestrator.go (secret mandate).

Deferred: a repo-facing read-only view of the org push policy (it is an org-wide
config, not per-repo overlay rules; readable via the API for now).

Stacked on #729/#728 for migration ordering (this = 364). Swagger annotations
omitted (can't regenerate without the toolchain).

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.
Hand-verified: gofmt (tabs, no blank-in-block), escape sequences in the ls-tree
parser, imports used, migration contiguous (364), fail-open on content checks.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 23:20:39 -05:00
jmiller b31336d1fe feat(org): org-level tag protection, layered with per-repo protected tags (#727)
Universal: Build & Release / Promote to RC (pull_request) Failing after 18s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
PR RC Release / Build RC Release (pull_request) Successful in 2m21s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m17s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Adds org-level tag protection as a parallel to org-level branch protection.
An org tag rule is {NamePattern, AllowlistTeamIDs}; it cascades to every repo
in the org and layers on top of the repo's own protected tags — a tag is
controllable (push/delete) only if allowed at BOTH levels (fail-closed).

- models/git/org_protected_tag.go: OrgProtectedTag model + CRUD +
  ToProtectedTag() (reuses the ProtectedTag matcher/allowlist logic) +
  IsUserAllowedToControlTagInRepo() which ANDs the repo decision with the org
  decision. Migration 363.
- API: /orgs/{org}/tag_protections CRUD (routers/api/v1/org/tag_protection.go,
  DTOs in modules/structs/org_tag.go, wired in api.go).
- Enforcement: the git push/delete hook (hook_pre_receive.go) and the two
  release paths (release.go create/delete) now call the layered check, so no
  per-site tag logic changes beyond swapping the helper.
- View: the repo Tag settings page lists inherited org tag rules read-only.

Stacked on #728 (branch-protection PR) for migration ordering — merge #728
first. Swagger annotations omitted (can't regenerate the swagger JSON without
the toolchain); routes still register.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.
Hand-verified: gofmt (tabs, no blank-in-block, struct alignment), template
nesting balances, all .Rule fields exist on OrgProtectedTag, all locale keys
defined, JSON valid, migration contiguous (363).

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 21:37:18 -05:00
jmiller 4b68853f08 feat(org): add branch-deletion protection + expandable inherited-rule view (#727)
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m3s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 1m8s
Generic: Project CI / Tests (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m47s
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Two related additions:

1. Branch deletion as an org-level ability. OrgProtectedBranch gained
   CanDelete / EnableDeleteAllowlist / DeleteAllowlistTeamIDs (migration 362),
   ToProtectedBranch maps them, and the API (create/edit/response DTOs +
   handlers) exposes enable_delete / enable_delete_allowlist /
   delete_allowlist_teams. The layering merge already combined delete fields, so
   org delete-protection now enforces once ToProtectedBranch populates them.

2. The repo Branch Protection view now renders each inherited org rule as an
   expandable detail (direct push, force-push, branch deletion, merge, required
   approvals, status checks, protected files) with team names resolved, instead
   of three headline badges. Still read-only.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.
Verified by hand: struct-field gofmt alignment, template block nesting balances,
every .Rule field exists on OrgProtectedBranch, and all locale keys referenced
in the template are defined.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 21:16:24 -05:00
jmiller 86bd8a2cad feat(org): show inherited org branch-protection rules in repo settings (#727)
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 42s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m18s
PR RC Release / Build RC Release (pull_request) Successful in 1m17s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m32s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The org "floor" is enforced implicitly at the choke point, so a repo admin
couldn't see which org-level rules apply to their repo. Surface them in the
repo's Branch Protection settings page (read-only), the way GitHub shows
organization rulesets in a repository.

- ProtectedBranchRules handler: when the owner is an org, load
  FindOrgProtectedBranchRules and expose them as OrgProtectedBranches.
- branches.tmpl: new read-only "Organization Branch Protection" section listing
  each org rule with an "Organization" badge, a lock/read-only marker, and
  compact indicators (required approvals, signed commits, status checks). No
  edit/delete controls — these are managed at the org level.
- en-US locale strings.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 20:25:24 -05:00
jmiller 24b3516c1d fix(org): layer org-level branch protection with repo rules, most-restrictive wins (#727)
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Project CI / Lint & Validate (pull_request) Successful in 38s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 10s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m8s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Successful in 3m15s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m5s
Generic: Project CI / Tests (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Org-level branch protection was already consulted at the single enforcement
choke point `GetFirstMatchProtectedBranchRule`, but only as a FALLBACK: if any
repo-level rule matched the branch, the org rule was ignored entirely. That let
a repo define a looser rule for a pattern and effectively opt out of the org's
protection.

Make the choke point LAYER the two rules instead: when both an org rule and a
repo rule match a branch, return their most-restrictive (fail-closed)
combination, so the org rule is a mandatory floor a repo can only tighten.

- models/git/protected_branch_merge.go: mergeMostRestrictive + helpers. Allow
  flags AND'd; gate/require/block flags OR'd; RequiredApprovals max'd; required
  sets (status contexts, protected files) unioned; allow sets (whitelists,
  unprotected files) intersected. A disabled allowlist means "everyone", so it
  only constrains when enabled.
- models/git/protected_branch_list.go: GetFirstMatchProtectedBranchRule now
  fetches both the repo rule and the org rule and merges when both match;
  returns whichever exists when only one matches. Org lookup factored into
  getFirstMatchOrgProtectedBranchRule.

Supersedes the materialization approach previously proposed for this issue —
the org fallback already existed, so only this one function needed to change.

Fail-closed by design: any merge edge errs toward MORE protection (over-restrict)
rather than less, so it cannot open a hole.

Note: no Go toolchain available locally, so not compiled/gofmt'd/tested here —
relying on CI to validate build, formatting, and tests.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-04 19:42:08 -05:00
jmiller 056eb7d3c4 chore: sync notify.yml from Template-Generic [skip ci] 2026-07-05 00:05:09 +00:00
jmiller 0492448ab5 chore: sync cleanup.yml from Template-Generic [skip ci] 2026-07-05 00:04:56 +00:00
jmiller 377dd019be chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-04 23:27:10 +00:00
jmiller 5ffed39449 Merge pull request 'fix: render org teams list and make issue type editable (#720, #721)' (#726) from fix/team-list-and-issue-type-editable into main
Deploy MokoGitea / deploy (push) Failing after 5m1s
2026-07-04 21:31:56 +00:00
jmiller 0cc569aef6 fix: render org teams list and make issue type editable (#720, #721)
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 14s
Generic: Project CI / Lint & Validate (pull_request) Successful in 57s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m15s
PR RC Release / Build RC Release (pull_request) Successful in 2m18s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m19s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m10s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 9m20s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
#720: org Teams page wrote ctx.Data["OrgListTeams"] but the template iterates .Teams, so no teams rendered. Use the canonical Teams key (matches org/home.go). #721: issue type sidebar gated editing on a FieldEditFlags data key that no handler sets (always nil -> always read-only). Use HasIssuesOrPullsWritePermission like the priority field; the /custom-type endpoint is already protected by reqRepoIssuesOrPullsWriter.
2026-07-04 16:27:32 -05:00
jmiller 4ed45a5916 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-04 20:27:57 +00:00
jmiller ea87b3db97 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-04 20:22:43 +00:00
jmiller d77b82a8af chore: sync ci-generic.yml from Template-Generic [skip ci] 2026-07-04 20:22:34 +00:00
jmiller 22b0b14ea8 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-04 19:38:21 +00:00
jmiller 1256f57d40 chore: sync ci-generic.yml from Template-Generic [skip ci] 2026-07-04 19:38:11 +00:00
jmiller 05763eb661 chore: sync branch-cleanup.yml from Template-Generic [skip ci] 2026-07-04 19:37:58 +00:00
jmiller 0c45a2fda3 chore: sync sync-on-merge.yml from Template-Generic [skip ci] 2026-07-04 19:05:30 +00:00
jmiller 8680fd1cab chore: sync pre-release.yml from Template-Generic [skip ci] 2026-07-04 19:05:10 +00:00
jmiller adf0e923df chore: sync pr-check.yml from Template-Generic [skip ci] 2026-07-04 19:04:47 +00:00
jmiller 296df7792a chore: sync notify.yml from Template-Generic [skip ci] 2026-07-04 19:04:37 +00:00
jmiller 51332a587d chore: sync cleanup.yml from Template-Generic [skip ci] 2026-07-04 19:04:27 +00:00
jmiller 8fc2700c16 chore: sync ci-generic.yml from Template-Generic [skip ci] 2026-07-04 19:04:20 +00:00
jmiller 844b4b6e81 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-07-04 19:04:10 +00:00
jmiller cb9516b79b Merge pull request 'fix: support radio inputs in admin system config form' (#724) from fix/admin-config-radio into main
Deploy MokoGitea / deploy (push) Failing after 3m57s
2026-07-04 19:01:33 +00:00
jmiller aea4370845 ci: no-op PR RC Release when updates.xml is absent
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 33s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 49s
PR RC Release / Build RC Release (pull_request) Successful in 1m34s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m36s
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 55s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Successful in 8m57s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The RC release workflow drives a Joomla-style updates.xml update stream. On a generic repo with no updates.xml, the Determine RC version step ran sed on a missing file and aborted under set -e (exit 2). Detect updates.xml presence and gate the update-stream steps (edit/create-release/commit) on it so the job succeeds and no-ops when there is nothing to package.
2026-07-04 13:53:15 -05:00
jmiller fc234bc911 fix: remove dangling mcp-mokogitea-api submodule gitlink
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 42s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Failing after 1m11s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m12s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The tree carried a gitlink at mcp-mokogitea-api (mode 160000) with no .gitmodules entry, so git submodule update --init --recursive failed with exit 128 at checkout, breaking every PR build/release job. mcp-mokogitea-api is a separate repo, not a submodule; remove the gitlink from the index (keeping the local working-tree clone) and gitignore the path so it can't be re-added.
2026-07-04 13:46:35 -05:00
jmiller b252e9569f ci: allow fix/patch branches to target main and guard missing manifest
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 36s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m0s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
PR RC Release / Build RC Release (pull_request) Failing after 57s
Universal: PR Check / Secret Scan (pull_request) Successful in 57s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Branch policy in pr-check.yml only allowed fix/* and patch/* to target dev/rc, blocking fix/* PRs to main despite the documented policy. Allow fix/* -> main and patch/* -> main. Also guard the Detect platform step for a missing .mokogitea/manifest.xml (removed in favor of the metadata API) so it no longer aborts the Validate PR job under set -e.
2026-07-04 13:36:47 -05:00
jmiller efb0433412 fix: preserve server-rendered radio default when config value is empty
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 37s
PR RC Release / Build RC Release (pull_request) Failing after 1m3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m5s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 1m9s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
LandingPageType.Mode defaults to "" (Go zero value), and the template renders the home radio as checked for an empty Mode. The initial radio fill would evaluate home.checked = ("home" === "") = false, unchecking the default on a fresh install. Skip assignment when the config value is empty so the server-rendered selection is preserved. Adds a test for the empty-value case.
2026-07-04 13:15:10 -05:00
jmiller 982e45a56e fix: support radio inputs in admin system config form
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 38s
Universal: Build & Release / Promote to RC (pull_request) Failing after 8s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: PR Check / Secret Scan (pull_request) Successful in 43s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The system config form JS (config.ts) only mapped checkbox, text, textarea, and datetime-local elements. The fork landing_page.tmpl uses radio inputs for the Mode field, so fillFromSystemConfig() hit unsupportedElement() and threw, aborting all JS init on the admin settings page.

Add radio handling in both directions: fill checks the option whose value matches the config value; collect returns the checked option's value and skips/nulls unchecked radios so a group resolves to exactly one value. Adds a radio-group test case.
2026-07-04 01:20:43 -05:00
jmiller 343cba690e Update .mokogitea/ISSUE_TEMPLATE/feature_request.md
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 54s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m15s
Universal: Auto Version Bump / Version Bump (push) Successful in 15s
2026-07-01 05:18:57 +00:00
jmiller 78328146e5 Merge pull request 'fix: remove orphaned deploy-manual workflow' (#718) from fix/remove-deploy-manual into main
fix: remove orphaned deploy-manual workflow [skip ci]
2026-06-30 18:33:36 +00:00
jmiller 84c6a94333 fix: remove orphaned deploy-manual workflow [skip ci] 2026-06-30 18:07:04 +00:00
jmiller 11b2195bdf chore: sync auto-release.yml from Template-Generic [skip ci] 2026-06-28 20:07:10 +00:00
jmiller f8a91ed34e release: code security scanner (#552)
Deploy MokoGitea / deploy (push) Failing after 5m9s
Code security scanner with 22 OWASP pattern detection rules across 7 CWE categories (SQL injection, XSS, command injection, path traversal, insecure deserialization, hardcoded credentials, weak cryptography). Language-filtered scanning for Go, PHP, Python, JS/TS, Java, C#, Ruby.
2026-06-28 19:00:33 +00:00
jmiller 87f92fe1ab Merge pull request 'feat: code security scanner with OWASP pattern detection (#552)' (#716) from feature/code-scanner into dev
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m5s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m8s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 58s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m22s
PR RC Release / Build RC Release (pull_request) Failing after 2m13s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m35s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 25m8s
Universal: Auto Version Bump / Version Bump (push) Has been skipped
2026-06-28 16:08:21 +00:00
jmiller 66aea89b40 docs: update README to reflect code security scanner
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 08:20:23 -05:00
jmiller 7c75133ef1 feat: code security scanner with OWASP pattern detection (#552)
Universal: Auto Version Bump / Version Bump (push) Successful in 13s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 37s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m20s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Implements the code analysis scanner module that detects insecure
patterns across Go, PHP, Python, JavaScript, and TypeScript:

- SQL injection (CWE-89): string concat in queries across 4 languages
- XSS (CWE-79): innerHTML, document.write, unescaped output, dangerouslySetInnerHTML
- Command injection (CWE-78): exec with variables, shell=True, os.system
- Path traversal (CWE-22): unsanitized path joins, file open with user input
- Insecure deserialization (CWE-502): unserialize(), yaml.load()
- Hardcoded credentials (CWE-798): password assignments in source
- Weak cryptography (CWE-327): MD5/SHA-1 usage

22 rules total, language-filtered by file extension. Wired into the
existing scanner orchestrator via the CodeScanner config toggle.
API updated to expose code_scanner in GET/PATCH security config.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 08:15:34 -05:00
jmiller 108b19dcc8 chore: sync pr-check.yml from Template-Generic [skip ci] 2026-06-28 11:12:11 +00:00
jmiller 37a62b5ab7 Merge pull request 'fix: pr-check platform detection queries metadata API' (#715) from fix/pr-check-platform-detection into main
Deploy MokoGitea / deploy (push) Failing after 5m4s
2026-06-28 11:10:36 +00:00
jmiller 35ebbef489 docs: update README with new features from latest release
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 13s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m24s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m30s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Successful in 6m10s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Add cascade merge, secret scanning, default org teams, branch
protection delete allowlist to Key Features list.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 06:02:28 -05:00
jmiller 193c705c05 fix: branch policy allows fix/patch branches to target main
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 18s
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m4s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m32s
PR RC Release / Build RC Release (pull_request) Failing after 1m33s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m32s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The pr-check branch policy only allowed fix/* -> dev, but the actual
org policy is fix/patch branches PR to main directly. Also updated
the summary text to list all allowed merge paths correctly.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 06:00:56 -05:00
jmiller fa845164bb fix: pr-check platform detection queries metadata API instead of removed manifest.xml
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 14s
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m24s
PR RC Release / Build RC Release (pull_request) Failing after 3m14s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m15s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The manifest.xml file no longer exists — platform is stored in the
MokoGitea metadata API. The old sed command failed with exit 2 under
bash -e, cascading failure to all subsequent validate steps.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 05:59:14 -05:00
jmiller fefdf1a1ec release: cascade merge, status presets, default teams, secret scanning
Deploy MokoGitea / deploy (push) Failing after 7m33s
2026-06-28 09:41:22 +00:00
jmiller 23bb025700 merge: incorporate main into dev for release PR #714
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Successful in 21s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 15s
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m32s
PR RC Release / Build RC Release (pull_request) Failing after 2m51s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m49s
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m34s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Successful in 6m59s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Resolve CHANGELOG conflict — deduplicate feature entries.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 04:35:52 -05:00
jmiller 7913a05285 feat: cascade merge — auto-create PRs to downstream branches after merge (#460)
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 2m6s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m20s
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 15s
Universal: Build & Release / Promote to RC (pull_request) Failing after 20s
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
PR RC Release / Build RC Release (pull_request) Failing after 2m49s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m52s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
2026-06-28 08:52:04 +00:00
jmiller 98301bc92b merge: incorporate latest dev (post status-presets merge) into cascade-merge
PR RC Release / Build RC Release (pull_request) Successful in 4s
Generic: Project CI / Lint & Validate (pull_request) Successful in 42s
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Generic: Project CI / Tests (pull_request) Has been cancelled
Resolve CHANGELOG conflict, restore issue_metadata.go from dev.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 03:51:37 -05:00
jmiller c618ec9f87 feat: issue status presets and cross-org migration (#507)
Universal: Auto Version Bump / Version Bump (push) Successful in 17s
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 3m26s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m46s
2026-06-28 08:49:23 +00:00
jmiller 5a25068d81 merge: incorporate dev changes into feature/cascade-merge
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Failing after 15s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
Universal: Auto Version Bump / Version Bump (push) Successful in 22s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m33s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Resolve CHANGELOG.md and api.go conflicts — keep both cascade_rules
and security route groups.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 03:48:52 -05:00
jmiller 57894e25fd merge: incorporate dev changes into feature/status-presets
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Failing after 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 1m7s
Branch Cleanup / Delete merged branch (pull_request) Failing after 4s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: PR Check / Secret Scan (pull_request) Successful in 2m52s
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Resolve CHANGELOG.md conflict — keep both status presets and
default teams entries.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 03:47:37 -05:00
jmiller 2857a1f6a1 feat: security scanning API + pre-receive hook blocking (#692)
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 3m3s
Universal: Auto Version Bump / Version Bump (push) Successful in 22s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m40s
2026-06-28 08:45:45 +00:00
jmiller b9c04e51b4 feat(orgs): auto-create default teams on org creation (#513)
Deploy MokoGitea (Dev) / Build & Deploy to Dev (push) Failing after 1m33s
Universal: Auto Version Bump / Version Bump (push) Successful in 19s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m36s
2026-06-28 08:45:25 +00:00
jmiller 0b44e92369 fix: cherry-pick upstream security fixes from v1.26.3 and v1.26.4
Deploy MokoGitea / deploy (push) Failing after 8m20s
2026-06-28 08:45:03 +00:00
jmiller cf25eef480 fix: distinguish unknown preset from DB errors in ApplyIssueStatusPreset
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 13s
Universal: Auto Version Bump / Version Bump (push) Successful in 18s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m11s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
db.ErrNotExist returns 404, other errors return 500 instead of
masking all errors as 404.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 03:34:07 -05:00
jmiller 5da6a40f10 fix: resolve merge conflict marker and fix import paths in cherry-picked tests
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
PR RC Release / Build RC Release (pull_request) Failing after 1m15s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m19s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m23s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m38s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 13m43s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
- Remove residual <<<<<<< HEAD marker from api_org_test.go
- Convert code.gitea.io/gitea to mokoconsulting paths in 5 new test files:
  cmd/serv_test.go, models/auth/twofactor_test.go,
  modules/git/commit_info_nogogit_test.go,
  routers/private/hook_pre_receive_test.go,
  services/actions/notifier_helper_test.go
- Add changelog entries for new features (#460, #507, #513)

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 03:31:44 -05:00
jmiller 4e5aa5f3ce fix: revert accidental secret scanning code from security fix branch
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Failing after 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 52s
Universal: PR Check / Secret Scan (pull_request) Successful in 54s
PR RC Release / Build RC Release (pull_request) Failing after 2m29s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m17s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
The pre-receive hook had security scanning code from the wrong feature
branch (feature/secret-scanning-clean). Restoring to the correct state
with only upstream security cherry-picks.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:37:49 -05:00
jmiller 9a4aa0fafb fix: log error when pre-receive secret scan cannot read commit
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 46s
Universal: PR Check / Secret Scan (pull_request) Successful in 2m23s
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 3s
Previously, GetCommit failures were silently swallowed, allowing
pushes to proceed without scanning. Now logs the error so admins
can diagnose issues while still allowing the push.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:35:50 -05:00
jmiller e947600ea7 fix: log error when pre-receive secret scan cannot read commit
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Access control (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 40s
PR RC Release / Build RC Release (pull_request) Failing after 1m0s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m15s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m12s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Previously, GetCommit failures were silently swallowed, allowing
pushes to proceed without scanning. Now logs the error so admins
can diagnose issues while still allowing the push.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:35:11 -05:00
jmiller b0bbaab621 docs: add security section to changelog for upstream v1.26.3/v1.26.4 fixes
Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:35:07 -05:00
jmiller 84df5d7932 feat: register security scanning API routes in router
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 12s
Generic: Project CI / Lint & Validate (pull_request) Successful in 36s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m15s
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Adds /repos/{owner}/{repo}/security/* route group for security
alert management, scanning, and configuration endpoints.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:33:29 -05:00
jmiller 7b334f94c0 feat: security scanning API endpoints + pre-receive hook blocking (#692)
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m5s
Universal: Auto Version Bump / Version Bump (push) Successful in 14s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Add REST API for security alerts (list, get, update status, trigger scan)
and scanner config (get, update). Wire block_on_push into the pre-receive
hook so pushes containing detected secrets are rejected with details.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:30:04 -05:00
jmiller 805c566615 fix: remove leaked security scanning routes from cascade-merge branch
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 30s
Universal: PR Check / Secret Scan (pull_request) Successful in 57s
Universal: Auto Version Bump / Version Bump (push) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
The security route group belongs to feature/secret-scanning (#692) and
was accidentally committed here during parallel agent work.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:29:27 -05:00
jmiller f53bc895ba fix: prevent IDOR in CopyStatusesFromOrg endpoint
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 10s
Generic: Project CI / Lint & Validate (pull_request) Successful in 43s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m46s
Universal: Auto Version Bump / Version Bump (push) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Add source org visibility + membership check before copying statuses.
Non-public source orgs now require the doer to be a member or site admin,
preventing unauthorized enumeration of private org statuses.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:26:23 -05:00
Giteabot 2ff0e4aa21 fix: walk git log context error handling (#38182) (#38185)
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 10s
PR RC Release / Build RC Release (pull_request) Failing after 1m15s
Universal: PR Check / Secret Scan (pull_request) Successful in 55s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Has been cancelled
Universal: Build & Release / Promote to RC (pull_request) Has been cancelled
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Backport #38182

Fix #38177

Make WalkGitLog can handle EOF and context errors correctly, and don't
export these private functions & methods & structs.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-28 02:24:02 -05:00
bircni c0f89a373d fix(auth): do not auto-reactivate disabled users on OAuth2 callback (#38009) (#38183)
Backport #38009

The OAuth2 sign-in callback unconditionally set IsActive=true on the
local user row whenever the IdP authenticated them, silently undoing an
administrator's "Disable Account" action and granting the user a fresh
session in the same response. Treat the local IsActive flag as an
authoritative admin override: inactive users get a session and are
routed through the existing activate / prohibit-login pages by
verifyAuthWithOptions, matching the local-credentials sign-in path.

Adds an integration regression test that disables a linked local user
and asserts the row stays IsActive=false after a full OIDC callback.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-28 02:24:00 -05:00
Giteabot 0dc858c15c fix(hostmacher): patch incorrect private list (#38170) (#38173)
Backport #38170 by @TheFox0x7

regression from #38039

Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
2026-06-28 02:23:35 -05:00
bircni 94590bc834 fix: allow git clone of private repos with anonymous code access (#38074) (#38146)
Backport #38074

Fixes #38062.

Private repositories with a code unit configured for **anonymous read
access** (Settings → Public Access → Code: anonymous view) could not be
cloned without credentials. The git HTTP auth gate (`httpBase`) only
bypassed authentication for non-private repos, ignoring the per-unit
anonymous access setting entirely.

- Check anonymous permissions via
`access_model.GetDoerRepoPermission(ctx, repo, nil)` + `CanAccess`
before requiring auth on pull operations, so the per-unit
`AnonymousAccessMode` is respected through the existing permission model
- This also correctly handles `setting.Repository.ForcePrivate` (which
the naive direct-field check would have missed)
- Push (receive-pack) and `RequireSignInViewStrict` continue to require
credentials as before

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-28 02:23:33 -05:00
bircni cbf34fb987 fix: Various security fixes (#38103) (#38151)
Backport #38103

- Enforce org visibility on organization label read endpoints (private
org labels no longer leak to non-members).
- Block fork sync (`merge-upstream`) when the base repo is no longer
readable (stops pulling commits after a parent goes private).
- Remove `REVERSE_PROXY_LIMIT` / `REVERSE_PROXY_TRUSTED_PROXIES` from
the Docker `app.ini` templates (the `= *` default allowed
`X-WEBAUTH-USER` impersonation; reverse-proxy auth is now opt-in and
admin-configured).
- Enforce single-use TOTP passcodes across web login, password-reset,
and Basic-Auth `X-Gitea-OTP` (fixes a TOCTOU race and a stateless
replay).
- Re-check branch write permission for every ref in a push (the
pre-receive hook cached the first ref's result, letting a per-branch
maintainer-edit grant escalate to full repo write).

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-28 02:22:18 -05:00
Lunny Xiao 26ad4fd03f fix(auth): ignore stale OIDC external login links to organizations (#37875) (#38141)
Backport #37875

This fixes an OIDC sign-in edge case where a stale `external_login_user`
record can still point to an organization or a deleted user.

In that situation, Gitea may keep resolving the external login to the
wrong account during sign-in. For affected instances, this matches the
behavior reported in #36439 and #37812, where a user signing in with
OIDC/Entra ID could appear as an organization, or hit a 404 after that
organization was removed.

- validate the user resolved from `external_login_user` during
OAuth2/OIDC login
- ignore stale links when the linked user no longer exists
- ignore stale links when the linked user is not an individual user
- remove the stale external login row so the sign-in flow can relink the
external account to the correct user

- Fixes #37812
- Related to #36439

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com>
Co-authored-by: bircni <bircni@icloud.com>
2026-06-28 02:20:21 -05:00
bircni bc578b7eba fix: Various sec fixes (#38108) (#38147)
Backport #38108

- Enforce repository token scope on RSS/Atom feed endpoints so a PAT
without repo scope can no longer read private repo commit data.
- Block HTTP redirects during repository migration clones to prevent
SSRF reaching internal addresses via an attacker-controlled redirect.
- Redact the notification subject after repo access is revoked so
private issue/PR metadata is no longer leaked through the notification
API.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2026-06-28 02:18:12 -05:00
Giteabot 186ac68f03 fix: bound debian ParseControlFile to a single control stanza (#38044) (#38055)
Backport #38044 by @metsw24-max

**Packages-index stanza injection via Debian control file**

A `.deb` whose `control` file appends extra paragraphs after a blank
line was still accepted, and `ParseControlFile` stored the whole
multi-stanza blob in `p.Control`. That blob is re-emitted verbatim into
the generated `Packages` index, so the embedded blank line splits it
into separate stanzas and an uploader can smuggle a package entry with
an attacker-chosen `Filename` into the shared index. A binary control
file only holds one stanza, so parsing now stops at the blank line that
terminates it; well-formed packages are unaffected and the new subtest
covers the trailing-stanza case.

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: metsw24-max <metsw24@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: bircni <bircni@icloud.com>
2026-06-28 02:17:28 -05:00
Giteabot fedce235d5 fix(hostmatcher): block reserved IP ranges from external/private filters (#38039) (#38059) 2026-06-28 02:17:27 -05:00
Giteabot d3c6998d3e fix(lfs): require Code-unit access for cross-repo LFS object reuse (#38006) (#38050) 2026-06-28 02:17:27 -05:00
Giteabot e9648f367e fix(actions)!: require merged PR to bypass fork PR approval gate (#38010) (#38041)
Backport #38010 by @bircni

`ifNeedApproval` in `services/actions/notifier_helper.go` decided
whether a
fork PR's workflow run had to wait for maintainer approval. The bypass
clause
counted any prior `approved_by > 0` run for `(repo_id,
trigger_user_id)`, so
the very first Approve-and-run click on a contributor's fork PR
permanently
trusted that user for every future fork PR in the same repository —
including
PRs whose only change is the workflow YAML itself.

Approving a workflow *run* is not the same as merging *code*. This
change
aligns the gate with GitHub Actions' first-time-contributor model: trust
is
granted only after the user has had a pull request merged in the repo.

## Behavior change

- **Before**: one approval = permanent trust for that user in that repo.
- **After**: every fork PR is gated until the contributor has at least
one
  merged PR in the repo.

Existing already-approved runs and merged PRs continue to work; only the
trust criterion for *future* fork PRs changes. Maintainers who rely on
the
implicit "approve once" trust will see the approval banner reappear
until
they merge a PR from that contributor.

---------

Signed-off-by: bircni <bircni@icloud.com>
Co-authored-by: bircni <bircni@icloud.com>
2026-06-28 02:17:26 -05:00
Giteabot 725acbe112 fix: bound CODEOWNERS regex match time (#38011) (#38025)
Backport #38011 by @bircni

User-supplied CODEOWNERS patterns were compiled without a match timeout,
so a crafted pattern (e.g. (a+)+) against a crafted file path could
backtrack for tens of seconds inside the PR creation transaction and
exhaust the database connection pool. Set MatchTimeout on each compiled
rule; the caller already treats match errors as non-matches.

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: bircni <bircni@icloud.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-28 02:17:26 -05:00
Giteabot 884e568ea2 fix(lfs): reject unknown SSH LFS sub-verbs to prevent auth bypass (#38008) (#38015) 2026-06-28 02:17:25 -05:00
jmiller e99658ddc0 feat(orgs): auto-create default teams on org creation (#513)
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Failing after 14s
Universal: Auto Version Bump / Version Bump (push) Successful in 20s
Generic: Project CI / Lint & Validate (pull_request) Successful in 39s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m57s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
New organizations now get three default teams in addition to Owners:
- Developers (write: code, issues, PRs, wiki, projects; read: releases)
- Reviewers (read: code, issues, PRs, releases, wiki)
- CI/CD (write: actions, packages, releases; read: code)

Teams are defined in DefaultOrgTeams and created inside the same
transaction as the org, so creation is atomic.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:08:47 -05:00
jmiller f627219ca8 feat: cascade merge — auto-create PRs to downstream branches after merge (#460)
Universal: Auto Version Bump / Version Bump (push) Successful in 19s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 4s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 30s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m7s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Adds configurable cascade rules per repo. When a PR merges into a
source branch, the system auto-creates PRs to each configured target
branch. Skips if a matching PR already exists.

- Model: CascadeMergeRule (repo_id, source, target, enabled, auto_merge)
- Migration v362 creates cascade_merge_rule table
- Notifier hooks into MergePullRequest/AutoMergePullRequest events
- API: CRUD at /repos/{owner}/{repo}/cascade_rules (admin only)

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:06:42 -05:00
jmiller df9305758f feat: add issue status presets and cross-org migration (#507)
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Universal: Auto Version Bump / Version Bump (push) Successful in 14s
Generic: Project CI / Lint & Validate (pull_request) Successful in 46s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m16s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
4 built-in presets: default, software-development, support-tickets,
bug-tracking. API endpoints to list presets, apply to org, and copy
statuses between orgs. Web UI dropdown on org settings page.

Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
2026-06-28 02:05:14 -05:00
jmiller ebdf59d64f chore: sync cascade-dev.yml from Template-Generic [skip ci] 2026-06-28 01:21:39 +00:00
jmiller 8ffd2ffe18 Merge pull request 'release: branch protection delete allowlist (#696)' (#707) from dev into main
Deploy MokoGitea / deploy (push) Failing after 3m49s
2026-06-28 01:20:26 +00:00
2445 changed files with 24292 additions and 13232 deletions
View File
+3
View File
@@ -120,3 +120,6 @@ prime/
# A Makefile for custom make targets
Makefile.local
# Local clone of the MCP server (separate repo, not a submodule of this project)
/mcp-mokogit-api/
+4 -4
View File
@@ -44,7 +44,7 @@ linters:
desc: use os or io instead
- pkg: golang.org/x/exp
desc: it's experimental and unreliable
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/internal
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git/internal
desc: do not use the internal package, use AddXxx function instead
- pkg: gopkg.in/ini.v1
desc: do not use the ini package, use gitea's config system instead
@@ -56,9 +56,9 @@ linters:
files:
- '**/models/migrations/**/*.go'
deny:
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGitea/models$
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGIT/models$
desc: migrations must not depend on the models package
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs
- pkg: code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/structs
desc: migrations must not depend on modules/structs (API structures change over time)
nolintlint:
allow-unused: false
@@ -179,7 +179,7 @@ formatters:
custom-order: true
sections:
- standard
- prefix(code.mokoconsulting.tech/MokoConsulting/MokoGitea)
- prefix(code.mokoconsulting.tech/MokoConsulting/MokoGIT)
- blank
- default
gofumpt:
+42
View File
@@ -0,0 +1,42 @@
# MokoGIT
Fork of Gitea -- self-hosted Git service at git.mokoconsulting.tech. Go backend + TypeScript frontend.
## Quick Reference
| Field | Value |
|---|---|
| **Language** | Go 1.26+ / TypeScript |
| **Module** | `code.mokoconsulting.tech/MokoConsulting/MokoGIT` |
| **Branch** | develop on `dev`, merge to `main` (protected) |
| **Wiki** | [MokoGIT Wiki](https://git.mokoconsulting.tech/MokoConsulting/MokoGIT/wiki) |
## Commands
```bash
make help # List all available targets
make fmt # Format .go files
make lint-go # Lint Go code
make lint-js # Lint TypeScript
make tidy # After go.mod changes
make build # Build binary
# Testing
go test -run '^TestName$' ./modulepath/ # Single Go test
pnpm exec vitest <path-filter> # Single JS test
GITEA_TEST_E2E_FLAGS='<filepath>' make test-e2e # Single Playwright test
```
## Rules
- Add current year copyright header on new `.go` files
- No trailing whitespace in edited files
- Conventional Commits for commit messages and PR titles
- Never force-push, amend, or squash unless asked -- use new commits
- Preserve existing code comments
- TypeScript: use `!` (non-null assertion) not `?.`/`??` when value is known to exist
- CSS: prefer `flex-*` helpers over per-child `tw-ml-*`/`tw-mr-*` margins
- Add `Co-Authored-By` lines to all commits
- **Workflow directory**: `.mokogit/` (not `.gitea/` or `.github/`)
- **Attribution**: `Authored-by: Moko Consulting`
- **Standards**: [MokoStandards](https://git.mokoconsulting.tech/MokoConsulting/mokoplatform/wiki/Home)
+110
View File
@@ -0,0 +1,110 @@
---
name: Architecture Decision Record (ADR)
about: Propose or document an architectural decision
title: '[ADR] '
labels: 'architecture, decision'
assignees: ''
---
## ADR Number
ADR-XXXX
## Status
- [ ] Proposed
- [ ] Accepted
- [ ] Deprecated
- [ ] Superseded by ADR-XXXX
## Context
Describe the issue or problem that motivates this decision.
## Decision
State the architecture decision and provide rationale.
## Consequences
### Positive
- List positive consequences
### Negative
- List negative consequences or trade-offs
### Neutral
- List neutral aspects
## Alternatives Considered
### Alternative 1
- Description
- Pros
- Cons
- Why not chosen
### Alternative 2
- Description
- Pros
- Cons
- Why not chosen
## Implementation Plan
1. Step 1
2. Step 2
3. Step 3
## Stakeholders
- **Decision Makers**: @user1, @user2
- **Consulted**: @user3, @user4
- **Informed**: team-name
## Technical Details
### Architecture Diagram
```
[Add diagram or link]
```
### Dependencies
- Dependency 1
- Dependency 2
### Impact Analysis
- **Performance**: [Impact description]
- **Security**: [Impact description]
- **Scalability**: [Impact description]
- **Maintainability**: [Impact description]
## Testing Strategy
- [ ] Unit tests
- [ ] Integration tests
- [ ] Performance tests
- [ ] Security tests
## Documentation
- [ ] Architecture documentation updated
- [ ] API documentation updated
- [ ] Developer guide updated
- [ ] Runbook created
## Migration Path
Describe how to migrate from current state to new architecture.
## Rollback Plan
Describe how to rollback if issues occur.
## Timeline
- **Proposal Date**:
- **Decision Date**:
- **Implementation Start**:
- **Expected Completion**:
## References
- Related ADRs:
- External resources:
- RFCs:
## Review Checklist
- [ ] Aligns with enterprise architecture principles
- [ ] Security implications reviewed
- [ ] Performance implications reviewed
- [ ] Cost implications reviewed
- [ ] Compliance requirements met
- [ ] Team consensus achieved
+48
View File
@@ -0,0 +1,48 @@
---
name: Bug Report
about: Report a bug or issue with the project
title: '[BUG] '
labels: 'bug'
assignees: ''
---
## Bug Description
A clear and concise description of what the bug is.
## Steps to Reproduce
1. Go to '...'
2. Click on '...'
3. Scroll down to '...'
4. See error
## Expected Behavior
A clear and concise description of what you expected to happen.
## Actual Behavior
A clear and concise description of what actually happened.
## Screenshots
If applicable, add screenshots to help explain your problem.
## Environment
- **Project**: [e.g., MokoDoliTools, moko-cassiopeia]
- **Version**: [e.g., 1.2.3]
- **Platform**: [e.g., Dolibarr 18.0, Joomla 5.0]
- **PHP Version**: [e.g., 8.1]
- **Database**: [e.g., MySQL 8.0, PostgreSQL 14]
- **Browser** (if applicable): [e.g., Chrome 120, Firefox 121]
- **OS**: [e.g., Ubuntu 22.04, Windows 11]
## Additional Context
Add any other context about the problem here.
## Possible Solution
If you have suggestions on how to fix the issue, please describe them here.
## Checklist
- [ ] I have searched for similar issues before creating this one
- [ ] I have provided all the requested information
- [ ] I have tested this on the latest stable version
- [ ] I have checked the documentation and couldn't find a solution
+18
View File
@@ -0,0 +1,18 @@
---
blank_issues_enabled: true
contact_links:
- name: 💼 Enterprise Support
url: https://mokoconsulting.tech/enterprise
about: Enterprise-level support and consultation services
- name: 💬 Ask a Question
url: https://mokoconsulting.tech/
about: Get help or ask questions through our website
- name: 📚 MokoStandards Documentation
url: https://code.mokoconsulting.tech/MokoConsulting/mokoplatform
about: View our coding standards and best practices
- name: 🔒 Report a Security Vulnerability
url: https://code.mokoconsulting.tech/mokoconsulting-tech/.github-private/security/advisories/new
about: Report security vulnerabilities privately (for critical issues)
- name: 💡 Community Discussions
url: https://github.com/orgs/mokoconsulting-tech/discussions
about: Join community discussions and Q&A
+52
View File
@@ -0,0 +1,52 @@
---
name: Documentation Issue
about: Report an issue with documentation
title: '[DOCS] '
labels: 'documentation'
assignees: ''
---
## Documentation Issue
**Location**:
<!-- Specify the file, page, or section with the issue -->
## Issue Type
<!-- Mark the relevant option with an "x" -->
- [ ] Typo or grammar error
- [ ] Outdated information
- [ ] Missing documentation
- [ ] Unclear explanation
- [ ] Broken links
- [ ] Missing examples
- [ ] Other (specify below)
## Description
<!-- Clearly describe the documentation issue -->
## Current Content
<!-- Quote or describe the current documentation (if applicable) -->
```
Current text here
```
## Suggested Improvement
<!-- Provide your suggestion for how to improve the documentation -->
```
Suggested text here
```
## Additional Context
<!-- Add any other context, screenshots, or references -->
## Standards Alignment
- [ ] Follows MokoStandards documentation guidelines
- [ ] Uses en_US/en_GB localization
- [ ] Includes proper SPDX headers where applicable
## Checklist
- [ ] I have searched for similar documentation issues
- [ ] I have provided a clear description
- [ ] I have suggested an improvement (if applicable)
@@ -0,0 +1,51 @@
---
name: Feature Request
about: Suggest a new feature or enhancement
title: '(feat) '
labels: 'enhancement'
assignees: ''
---
## Feature Description
A clear and concise description of the feature you'd like to see.
## Problem or Use Case
Describe the problem this feature would solve or the use case it addresses.
Ex. I'm always frustrated when [...]
## Proposed Solution
A clear and concise description of what you want to happen.
## Alternative Solutions
A clear and concise description of any alternative solutions or features you've considered.
## Benefits
Describe how this feature would benefit users:
- Who would use this feature?
- What problems does it solve?
- What value does it add?
## Implementation Details (Optional)
If you have ideas about how this could be implemented, share them here:
- Technical approach
- Files/components that might need changes
- Any concerns or challenges you foresee
## Additional Context
Add any other context, mockups, or screenshots about the feature request here.
## Relevant Standards
Does this relate to any standards in [MokoStandards](https://code.mokoconsulting.tech/MokoConsulting/MokoStandards)?
- [ ] Accessibility (WCAG 2.1 AA)
- [ ] Localization (en_US/en_GB)
- [ ] Security best practices
- [ ] Code quality standards
- [ ] Other: [specify]
## Checklist
- [ ] I have searched for similar feature requests before creating this one
- [ ] I have clearly described the use case and benefits
- [ ] I have considered alternative solutions
- [ ] This feature aligns with the project's goals and scope
+82
View File
@@ -0,0 +1,82 @@
---
name: Question
about: Ask a question about usage, features, or best practices
title: '[QUESTION] '
labels: ['question']
assignees: ['jmiller']
---
## Question
**Your question:**
## Context
**What are you trying to accomplish?**
**What have you already tried?**
**Category**:
- [ ] Script usage
- [ ] Configuration
- [ ] Workflow setup
- [ ] Documentation interpretation
- [ ] Best practices
- [ ] Integration
- [ ] Other: __________
## Environment (if relevant)
**Your setup**:
- Operating System:
- Version:
## What You've Researched
**Documentation reviewed**:
- [ ] README.md
- [ ] Project documentation
- [ ] Other (specify): __________
**Similar issues/questions found**:
- #
- #
## Expected Outcome
**What result are you hoping for?**
## Code/Configuration Samples
**Relevant code or configuration** (if applicable):
```bash
# Your code here
```
## Additional Context
**Any other relevant information:**
**Screenshots** (if helpful):
## Urgency
- [ ] Urgent (blocking work)
- [ ] Normal (can work on other things meanwhile)
- [ ] Low priority (just curious)
## Checklist
- [ ] I have searched existing issues and discussions
- [ ] I have reviewed relevant documentation
- [ ] I have provided sufficient context
- [ ] I have included code/configuration samples if relevant
- [ ] This is a genuine question (not a bug report or feature request)
+126
View File
@@ -0,0 +1,126 @@
---
name: Request for Comments (RFC)
about: Propose a significant change for community discussion
title: '[RFC] '
labels: 'rfc, discussion'
assignees: ''
---
## RFC Summary
One-paragraph summary of the proposal.
## Motivation
Why are we doing this? What use cases does it support? What is the expected outcome?
## Detailed Design
### Overview
Provide a detailed explanation of the proposed change.
### API Changes (if applicable)
```php
// Before
function oldApi($param1) { }
// After
function newApi($param1, $param2) { }
```
### User Experience Changes
Describe how users will interact with this change.
### Implementation Approach
High-level implementation strategy.
## Drawbacks
Why should we *not* do this?
## Alternatives
What other designs have been considered? What is the impact of not doing this?
### Alternative 1
- Description
- Trade-offs
### Alternative 2
- Description
- Trade-offs
## Adoption Strategy
How will existing users adopt this? Is this a breaking change?
### Migration Guide
```bash
# Steps to migrate
```
### Deprecation Timeline
- **Announcement**:
- **Deprecation**:
- **Removal**:
## Unresolved Questions
- Question 1
- Question 2
## Future Possibilities
What future work does this enable?
## Impact Assessment
### Performance
Expected performance impact.
### Security
Security considerations and implications.
### Compatibility
- **Backward Compatible**: [Yes / No]
- **Breaking Changes**: [List]
### Maintenance
Long-term maintenance considerations.
## Community Input
### Stakeholders
- [ ] Core team
- [ ] Module developers
- [ ] End users
- [ ] Enterprise customers
### Feedback Period
**Duration**: [e.g., 2 weeks]
**Deadline**: [date]
## Implementation Timeline
### Phase 1: Design
- [ ] RFC discussion
- [ ] Design finalization
- [ ] Approval
### Phase 2: Implementation
- [ ] Core implementation
- [ ] Tests
- [ ] Documentation
### Phase 3: Release
- [ ] Beta release
- [ ] Feedback collection
- [ ] Stable release
## Success Metrics
How will we measure success?
- Metric 1
- Metric 2
## References
- Related RFCs:
- External documentation:
- Prior art:
## Open Questions for Community
1. Question 1?
2. Question 2?
---
**Note**: This RFC is open for community discussion. Please provide feedback in the comments below.
+51
View File
@@ -0,0 +1,51 @@
---
name: Security Vulnerability Report
about: Report a security vulnerability (use only for non-critical issues)
title: '[SECURITY] '
labels: 'security'
assignees: ''
---
## ⚠️ IMPORTANT: Private Disclosure Required
**For critical security vulnerabilities, DO NOT use this template.**
Follow the process in [SECURITY.md](../SECURITY.md) for responsible disclosure.
Use this template only for:
- Security improvements
- Non-critical security suggestions
- Security documentation updates
---
## Security Issue
**Severity**:
<!-- Low, Medium, or informational only -->
## Description
<!-- Describe the security concern or improvement suggestion -->
## Affected Components
<!-- List the affected files, features, or components -->
## Suggested Mitigation
<!-- Describe how this could be addressed -->
## Standards Reference
Does this relate to security standards in [MokoStandards](https://code.mokoconsulting.tech/MokoConsulting/MokoStandards)?
- [ ] SPDX license identifiers
- [ ] Secret management
- [ ] Dependency security
- [ ] Access control
- [ ] Other: [specify]
## Additional Context
<!-- Add any other context about the security concern -->
## Checklist
- [ ] This is NOT a critical vulnerability requiring private disclosure
- [ ] I have reviewed the SECURITY.md policy
- [ ] I have provided sufficient detail for evaluation
@@ -0,0 +1,9 @@
---
name: ".mokogit Test Template"
about: "Verify .mokogit issue templates work"
labels: ["test"]
---
This template was loaded from `.mokogit/ISSUE_TEMPLATE/`.
If you can see this, the `.mokogit` dot-folder feature is working.
+24
View File
@@ -0,0 +1,24 @@
---
name: Version Bump
about: Request or track a version change
title: '[VERSION] '
labels: 'version, type: version'
assignees: 'jmiller'
---
## Version Change
**Current version**: <!-- e.g., 01.02.03 -->
**Requested version**: <!-- e.g., 01.03.00 -->
**Change type**: <!-- patch / minor / major -->
## Reason
<!-- Why is this version bump needed? -->
## Checklist
- [ ] README.md `VERSION:` field updated
- [ ] CHANGELOG.md entry added
- [ ] Module descriptor version updated (Dolibarr: `$this->version`, Joomla: `<version>`)
- [ ] All file headers will be auto-propagated by `sync-version-on-merge` workflow
+251
View File
@@ -0,0 +1,251 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: mokoplatform.Automation
# REPO: https://code.mokoconsulting.tech/MokoConsulting/mokoplatform
# PATH: /.gitea/workflows/branch-protection.yml
# BRIEF: Apply standardised branch protection rules to all governed repositories
#
# +========================================================================+
# | BRANCH PROTECTION SETUP |
# +========================================================================+
# | |
# | Applies protection rules for: main, dev, rc, beta, alpha |
# | |
# | main — Require PR, block rejected reviews, no force push |
# | dev — Allow push, no force push, no delete |
# | rc — Allow push, no force push, no delete |
# | beta — Allow push, no force push, no delete |
# | alpha — Allow push, no force push, no delete |
# | |
# | jmiller has override authority on all branches. |
# | |
# +========================================================================+
name: Branch Protection Setup
on:
schedule:
- cron: '0 2 * * 1' # Weekly Monday 02:00 UTC
workflow_dispatch:
inputs:
dry_run:
description: 'Preview mode (no changes)'
required: false
type: boolean
default: false
repos:
description: 'Comma-separated repo names (empty = all governed repos)'
required: false
type: string
default: ''
env:
GITEA_URL: https://code.mokoconsulting.tech
GITEA_ORG: MokoConsulting
permissions:
contents: read
jobs:
protect:
name: Apply Branch Protection Rules
runs-on: ubuntu-latest
steps:
- name: Determine target repos
id: repos
env:
MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
run: |
API="${GITEA_URL}/api/v1"
# Platform/standards/infra repos to exclude
EXCLUDE="gitea-org-config org-profile gitea-private .mokogit-private MokoStandards mokoplatform MokoTesting"
EXCLUDE="$EXCLUDE MokoStandards-Template-Client MokoStandards-Template-Dolibarr MokoStandards-Template-Generic MokoStandards-Template-Joomla MokoDoliProjTemplate"
if [ -n "${{ inputs.repos }}" ]; then
# User-specified repos
REPOS=$(echo "${{ inputs.repos }}" | tr ',' ' ')
else
# Fetch all org repos
PAGE=1
REPOS=""
while true; do
BATCH=$(curl -sS \
-H "Authorization: token ${MOKOGITEA_TOKEN}" \
"${API}/orgs/${GITEA_ORG}/repos?page=${PAGE}&limit=50" \
| jq -r '.[].name // empty')
[ -z "$BATCH" ] && break
REPOS="$REPOS $BATCH"
PAGE=$((PAGE + 1))
done
# Filter out excluded repos
FILTERED=""
for REPO in $REPOS; do
SKIP=false
for EX in $EXCLUDE; do
if [ "$REPO" = "$EX" ]; then
SKIP=true
break
fi
done
if [ "$SKIP" = "false" ]; then
FILTERED="$FILTERED $REPO"
fi
done
REPOS="$FILTERED"
fi
echo "repos=$REPOS" >> "$GITHUB_OUTPUT"
COUNT=$(echo "$REPOS" | wc -w)
echo "📋 Target repos (${COUNT}): $REPOS"
- name: Apply protection rules
env:
MOKOGITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
DRY_RUN: ${{ inputs.dry_run || 'false' }}
run: |
API="${GITEA_URL}/api/v1"
REPOS="${{ steps.repos.outputs.repos }}"
SUCCESS=0
FAILED=0
SKIPPED=0
# ── Rule definitions ──────────────────────────────────────
# Only the CI bot (jmiller token) can push directly.
# All human contributors must use PRs.
# Force push disabled on all branches.
RULE_MAIN='{
"rule_name": "main",
"enable_push": true,
"enable_push_whitelist": true,
"push_whitelist_usernames": ["jmiller"],
"enable_force_push": false,
"enable_force_push_allowlist": false,
"force_push_allowlist_usernames": [],
"enable_merge_whitelist": false,
"required_approvals": 0,
"dismiss_stale_approvals": true,
"block_on_rejected_reviews": true,
"block_on_outdated_branch": false,
"priority": 1
}'
RULE_DEV='{
"rule_name": "dev",
"enable_push": true,
"enable_push_whitelist": true,
"push_whitelist_usernames": ["jmiller"],
"enable_force_push": false,
"enable_force_push_allowlist": false,
"force_push_allowlist_usernames": [],
"enable_merge_whitelist": false,
"required_approvals": 0,
"block_on_rejected_reviews": false,
"priority": 2
}'
RULE_RC='{
"rule_name": "rc",
"enable_push": true,
"enable_push_whitelist": true,
"push_whitelist_usernames": ["jmiller"],
"enable_force_push": false,
"enable_force_push_allowlist": false,
"force_push_allowlist_usernames": [],
"enable_merge_whitelist": false,
"required_approvals": 0,
"block_on_rejected_reviews": false,
"priority": 3
}'
RULE_BETA='{
"rule_name": "beta",
"enable_push": true,
"enable_push_whitelist": true,
"push_whitelist_usernames": ["jmiller"],
"enable_force_push": false,
"enable_force_push_allowlist": false,
"force_push_allowlist_usernames": [],
"enable_merge_whitelist": false,
"required_approvals": 0,
"block_on_rejected_reviews": false,
"priority": 4
}'
RULE_ALPHA='{
"rule_name": "alpha",
"enable_push": true,
"enable_push_whitelist": true,
"push_whitelist_usernames": ["jmiller"],
"enable_force_push": false,
"enable_force_push_allowlist": false,
"force_push_allowlist_usernames": [],
"enable_merge_whitelist": false,
"required_approvals": 0,
"block_on_rejected_reviews": false,
"priority": 5
}'
RULES=("$RULE_MAIN" "$RULE_DEV" "$RULE_RC" "$RULE_BETA" "$RULE_ALPHA")
RULE_NAMES=("main" "dev" "rc" "beta" "alpha")
# ── Apply rules to each repo ──────────────────────────────
for REPO in $REPOS; do
echo ""
echo "═══ ${REPO} ═══"
for i in "${!RULES[@]}"; do
RULE="${RULES[$i]}"
NAME="${RULE_NAMES[$i]}"
if [ "$DRY_RUN" = "true" ]; then
echo " [DRY RUN] Would apply rule: ${NAME}"
SKIPPED=$((SKIPPED + 1))
continue
fi
# Delete existing rule if present (idempotent recreate)
ENCODED_NAME=$(echo "$NAME" | sed 's|/|%2F|g')
curl -sS -o /dev/null -w "" \
-X DELETE \
-H "Authorization: token ${MOKOGITEA_TOKEN}" \
"${API}/repos/${GITEA_ORG}/${REPO}/branch_protections/${ENCODED_NAME}" 2>/dev/null || true
# Create rule
RESPONSE=$(curl -sS -w "\n%{http_code}" \
-X POST \
-H "Authorization: token ${MOKOGITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "$RULE" \
"${API}/repos/${GITEA_ORG}/${REPO}/branch_protections")
HTTP=$(echo "$RESPONSE" | tail -1)
BODY=$(echo "$RESPONSE" | sed '$d')
if [ "$HTTP" = "201" ]; then
echo " ✅ ${NAME}"
SUCCESS=$((SUCCESS + 1))
else
echo " ❌ ${NAME} (HTTP ${HTTP}): $(echo "$BODY" | jq -r '.message // .' 2>/dev/null | head -1)"
FAILED=$((FAILED + 1))
fi
done
done
# ── Summary ───────────────────────────────────────────────
echo ""
echo "════════════════════════════════════════"
echo " ✅ Success: ${SUCCESS}"
echo " ❌ Failed: ${FAILED}"
echo " ⏭️ Skipped: ${SKIPPED}"
echo "════════════════════════════════════════"
if [ "$FAILED" -gt 0 ]; then
echo "::warning::${FAILED} rule(s) failed to apply"
fi
+42
View File
@@ -0,0 +1,42 @@
<!-- NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue -->
<!--
1. Please speak English, this is the language all maintainers can speak and write.
2. Please ask questions or configuration/deploy problems on our Discord
server (https://discord.gg/gitea) or forum (https://forum.gitea.com).
3. Please take a moment to check that your issue doesn't already exist.
4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
5. Please give all relevant information below for bug reports, because
incomplete details will be handled as an invalid report.
-->
- Gitea version (or commit ref):
- Git version:
- Operating system:
<!-- Please include information on whether you built gitea yourself, used one of our downloads or are using some other package -->
<!-- Please also tell us how you are running gitea, e.g. if it is being run from docker, a command-line, systemd etc. --->
<!-- If you are using a package or systemd tell us what distribution you are using -->
- Database (use `[x]`):
- [ ] PostgreSQL
- [ ] MySQL
- [ ] MSSQL
- [ ] SQLite
- Can you reproduce the bug at https://demo.gitea.com:
- [ ] Yes (provide example URL)
- [ ] No
- Log gist:
<!-- It really is important to provide pertinent logs -->
<!-- Please read https://docs.gitea.com/administration/logging-config#collecting-logs-for-help -->
<!-- In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini -->
## Description
<!-- If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please
disable the proxy/CDN fully and connect to gitea directly to confirm
the issue still persists without those services. -->
...
## Screenshots
<!-- **If this issue involves the Web Interface, please include a screenshot** -->
+44 -3
View File
@@ -2,13 +2,24 @@
## [Unreleased]
### Changed
- **Rebrand: MokoGitea → MokoGIT (complete retirement of the MokoGitea name).** Go module path `code.mokoconsulting.tech/MokoConsulting/MokoGitea``.../MokoGIT` (all imports + `go.mod`); default app name `MokoGitea``MokoGIT`; the in-repo config directory and the special org profile/wiki repo names `.mokogitea` / `.mokogitea-private``.mokogit` / `.mokogit-private`; the Actions system user `mokogitea-actions``mokogit-actions` (DB migration #369); Docker image, ntfy topic, mail tags, and remaining lowercase `mokogitea` references → `mokogit`; bundled the Moko `favicon.svg` as the app icon and PWA manifest icon. Shared `MOKOGITEA_*` CI/compose env-var and org-secret names are renamed in the coordinated server cutover (not in this repo change) to avoid breaking cross-repo CI mid-transition.
### Added
- Metadata platform options are now **admin-configurable** instead of hardcoded: a new **Admin → Metadata** page edits the allowed `platform` values (persisted to `app.ini` `[metadata] PLATFORM_OPTIONS`, default `joomla,dolibarr,go,npm,generic`), and the repo Settings → Metadata platform dropdown reads from it. Changing the taxonomy no longer needs a code change/redeploy. A repo's existing platform value stays selectable even if later removed from the list (#777)
- Org branch protection: repositories now show the inherited organization rules read-only in their Branch Protection settings, with an expandable detail (direct push, force-push, branch deletion, merge restrictions, required approvals, status checks, protected files, and whitelisted teams) — like GitHub surfaces org rulesets in a repo (#727)
- Org branch protection: org-level rules can now also protect against branch deletion (`enable_delete` + delete allowlist teams), mirroring the per-repo delete allowlist (#727)
- Org-level tag protection: protect tag patterns org-wide (e.g. `v*`) with a team allowlist, layered on top of each repo's own protected tags — a tag is controllable only if allowed at both levels (fail-closed). API at `/orgs/{org}/tag_protections`; enforced at the git push/delete hook and the release create/delete paths; shown read-only in the repo Tag settings (#727)
- Org-level push policy: one policy per org, enforced in the pre-receive hook across all its repositories — branch/tag name conventions (glob), a mandatory secret-scanning block-on-push that repos cannot disable, a max pushed-file size, and blocked file-path patterns. API at `/orgs/{org}/push_policy`. Naming is fail-closed; the content checks (blocked paths, max size) fail open on error so a policy bug can never block every push (#727)
- Org-level repository defaults: an org can force new/transferred repositories private and set default pull-request settings (allowed merge styles, default merge style, auto-delete branch after merge), applied via a notifier when a repo is created in or transferred into the org (best-effort — never blocks repo creation). API at `/orgs/{org}/repo_defaults` (#727)
- Org-level email domain policy: restrict which email domains an organization's members may have — a user can only be added to the org (via any team) if their primary email matches one of the allowed domain globs. Enforced at the single membership-add choke point (`AddTeamMember`); API at `/orgs/{org}/email_domain_policy` (#727)
- Code security scanner: pattern-based detection of SQL injection, XSS, command injection, path traversal, insecure deserialization, hardcoded credentials, and weak cryptography across Go/PHP/Python/JS/TS (#552)
- Cascade merge: auto-create PRs to downstream branches after merge with configurable rules per repo (#460)
- Issue status presets: 4 built-in templates (default, software-development, support-tickets, bug-tracking) with API + web UI (#507)
- Cross-org status migration: copy status definitions from one org to another via API (#507)
- Auto-create default teams on org creation: Developers (write), Reviewers (read), CI/CD (actions+packages) (#513)
- Branch protection delete allowlist: configurable per-user/team/deploy-key allowlist for deleting protected branches (#696)
- Workflow subdirectory discovery: workflows in subdirectories of `.mokogitea/workflows/` are now auto-discovered (#693)
- Workflow subdirectory discovery: workflows in subdirectories of `.mokogit/workflows/` are now auto-discovered (#693)
- API token scope `read:licensing` / `write:licensing` for licensing endpoints (#697)
- Edit API token scopes: PATCH /users/{username}/tokens/{id} API endpoint + web UI edit button (#697)
- Wiki full-text search: case-insensitive search across all wiki page titles and content (#550)
@@ -30,7 +41,7 @@
- Domain activation tracking with limit enforcement and auto-activate on first use
- 13 seeded product tiers from base to enterprise
- DLID-gated update XML endpoint: GET /api/v1/licensing/updates/{product}.xml
- Profile repo fallback chain: .mokogitea > .profile > .github
- Profile repo fallback chain: .mokogit > .profile > .github
- Metadata/manifest GET endpoint publicly accessible without auth (#676)
- Org wiki: folder-based collapsible tree sidebar, _Sidebar.md overrides (#680)
- Wiki backlinks: "What links here" page showing all pages referencing current page (#669)
@@ -40,7 +51,37 @@
- Wiki recent changes page: cross-page edit activity with pagination (#670)
- Wiki page rename with automatic redirects via YAML frontmatter (#672)
### Security
- Cherry-pick upstream v1.26.3: LFS reject unknown SSH sub-verbs to prevent auth bypass (#38015)
- Cherry-pick upstream v1.26.3: bound CODEOWNERS regex match time — ReDoS prevention (#38025)
- Cherry-pick upstream v1.26.3: require merged PR to bypass fork PR approval gate (#38041)
- Cherry-pick upstream v1.26.3: LFS require Code-unit access for cross-repo object reuse (#38050)
- Cherry-pick upstream v1.26.3: hostmatcher block reserved IP ranges — SSRF prevention (#38059)
- Cherry-pick upstream v1.26.3: bound debian ParseControlFile — DoS prevention (#38055)
- Cherry-pick upstream v1.26.3: feed token scope, migration SSRF, notification redaction (#38147)
- Cherry-pick upstream v1.26.3: OIDC ignore stale external login links to organizations (#38141)
- Cherry-pick upstream v1.26.3: 2FA timing, branch delete auth, org labels visibility, merge upstream auth (#38151)
- Cherry-pick upstream v1.26.3: allow git clone of private repos with anonymous code access (#38146)
- Cherry-pick upstream v1.26.3: hostmatcher patch incorrect private IP list (#38173)
- Cherry-pick upstream v1.26.4: do not auto-reactivate disabled users on OAuth2 callback (#38183)
- Cherry-pick upstream v1.26.4: walk git log context error handling — regression fix (#38185)
### Fixed
- Repo metadata `org` is now **derived from the org profile** (the repository owner) instead of being stored/editable, so it can never drift when an organization is renamed. The `org` column is dropped from `repo_manifest` (migration #368) and the field is derived on read via `Repository.DerivedOrgName` (owner display name, falling back to the handle) across the metadata API, the Settings → Metadata page (now read-only), and the Joomla update-server feed. The API `PUT` and MCP `metadata_update` now ignore `org` (read-only, like the already-derived `display_name`) (#771)
- Admin Branding: uploading a custom **Nav Icon** now also sets the **app icon** (`logo.png`, the PWA / web-manifest icon and navbar fallback), so a branded instance shows its own installable app icon instead of the shipped default; resetting the Nav Icon reverts both (#773)
- Fork server binary now compiles: `routers/api/v1/api.go` called `organization.HasOrgOrUserVisible`, which had been renamed to `IsOwnerVisibleToDoer`; the one missed call site broke `go build` of the entire `routers/api/v1` package (CI's Lint & Validate does not run a full build, so it went unnoticed) (#735)
- Dev deploy workflow: the build/deploy step referenced runner-side values as `\$TAG` / `\$REGISTRY_TOKEN` inside an unquoted SSH heredoc, deferring expansion to the remote shell where those names are unset — the Docker tag collapsed to an empty `mokogit:` and every dev deploy failed with `invalid reference format`. Runner values are now injected via an ssh env-prefix and the heredoc is quoted so each `$var` expands in exactly one place (#737)
- Repaired unit-test compile and `go vet` failures: `CryptoRandomInt/String/Bytes` now return two values (updated `modules/util/util_test.go`), removed a redundant `&&` condition in `issue_comment.go`, and cleaned up isolated integration-test compile errors (#736)
- Removed a stray `package-lock.json` (13.9k lines) that a `git add -A` had accidentally swept into the org-push-policy branch (#734)
- Org-level branch protection now **layers** with per-repo rules instead of being ignored whenever a repo rule exists. When both an org rule and a repo rule match a branch, the effective rule is the most-restrictive (fail-closed) combination — the org rule is a mandatory floor a repo cannot weaken: allow flags AND'd, gate/require/block flags OR'd, required approvals max'd, status checks and protected-file patterns unioned, whitelists intersected. Previously a repo rule shadowed the org rule entirely at the enforcement choke point (`GetFirstMatchProtectedBranchRule`), letting a repo opt out of org protection (#727)
- Org Teams page: list now renders — the handler wrote `ctx.Data["OrgListTeams"]` but the template reads `.Teams`, so the page showed header/nav but no teams (#720)
- Issue type: now editable after creation for users with issue write permission — the sidebar gated editing on a `FieldEditFlags` data key that was never populated (always read-only); now uses `HasIssuesOrPullsWritePermission` like the priority field (#721)
- Admin config form: radio inputs (e.g. instance landing page Mode) no longer throw "Unsupported config form value mapping", which had aborted all JS init on the admin settings page
- PR check branch policy: allow `fix/*``main` and `patch/*``main` to match documented policy (was rejecting fix/patch PRs to main)
- PR check platform detection: guard for missing `.mokogit/manifest.xml` so the Validate PR job no longer aborts under `set -e` (manifest replaced by metadata API)
- Remove dangling `mcp-mokogit-api` submodule gitlink (no `.gitmodules` entry) that broke `submodule update --init` at checkout, failing all PR build/release jobs; ignore the local clone path
- PR RC Release workflow: no-op cleanly when `updates.xml` is absent (generic repos) instead of aborting the "Determine RC version" step under `set -e`
- PR check: platform detection now queries metadata API instead of removed manifest.xml
- Cherry-pick upstream v1.26.2: handle empty pull request files view to allow reviews (#37783)
- Cherry-pick upstream v1.26.2: fix "run as root" check with snap container detection (#37622)
- Cherry-pick upstream: ack re-sent UpdateLog finalize idempotently (#37885)
@@ -62,7 +103,7 @@
- Issue statuses template: garbled em-dash character replaced
### Changed
- Custom workflows moved to `.mokogitea/workflows/custom/`: deploy-mokogitea, deploy-dev, cascade-dev, pr-rc-release, test-mokogitea, upstream-bug-sync
- Custom workflows moved to `.mokogit/workflows/custom/`: deploy-mokogit, deploy-dev, cascade-dev, pr-rc-release, test-mokogit, upstream-bug-sync
- Issue status seed defaults: Open, In Progress, Waiting, In Review, Closed, Won't Fix
- Pre-release workflow: auto-bump skipped for non-Joomla repos (platform check)
- CI issue reporter: moved to MokoCLI (cli/ci_issue_reporter.sh), pr-check and repo-health now use ci-issue-reporter.yml reusable workflow
+1 -1
View File
@@ -119,7 +119,7 @@ This ensures Joomla sites on ANY stability channel see the update (Joomla only s
The version tools update all files containing version stamps:
- `.mokogitea/manifest.xml` (canonical source)
- `.mokogit/manifest.xml` (canonical source)
- Joomla XML manifests (`<version>` tag)
- `README.md`, `CHANGELOG.md` (`VERSION:` pattern)
- `package.json`, `pyproject.toml`
+3 -3
View File
@@ -21,7 +21,7 @@ RUN apk --no-cache add \
build-base \
git
WORKDIR ${GOPATH}/src/code.mokoconsulting.tech/MokoConsulting/MokoGitea
WORKDIR ${GOPATH}/src/code.mokoconsulting.tech/MokoConsulting/MokoGIT
COPY go.mod go.sum ./
RUN go mod download
# Use COPY instead of bind mount as read-only one breaks makefile state tracking
@@ -43,7 +43,7 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
/tmp/local/etc/s6/gitea/* \
/tmp/local/etc/s6/openssh/* \
/tmp/local/etc/s6/.s6-svscan/* \
/go/src/code.mokoconsulting.tech/MokoConsulting/MokoGitea/gitea
/go/src/code.mokoconsulting.tech/MokoConsulting/MokoGIT/gitea
FROM docker.io/library/alpine:3.23 AS gitea
@@ -75,7 +75,7 @@ RUN addgroup \
echo "git:*" | chpasswd -e
COPY --from=build-env /tmp/local /
COPY --from=build-env /go/src/code.mokoconsulting.tech/MokoConsulting/MokoGitea/gitea /app/gitea/gitea
COPY --from=build-env /go/src/code.mokoconsulting.tech/MokoConsulting/MokoGIT/gitea /app/gitea/gitea
# Disable openssh s6 service — we use external SSH (port 2222 via host).
RUN printf '#!/bin/sh\nexec sleep infinity\n' > /etc/s6/openssh/run && chmod 755 /etc/s6/openssh/run
@@ -2,7 +2,7 @@
"folders":
[
{
"name":"MokoGitea",
"name":"MokoGIT",
"path": ".",
"folder_exclude_patterns":
[
+14 -9
View File
@@ -1,6 +1,6 @@
# MokoGitea
# MokoGIT
Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, org metadata, CI standardization, and project board API.
Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, cascade merge, security scanning, org-level governance, org metadata, CI standardization, and project board API.
![Language](https://img.shields.io/badge/Go-00ADD8?style=flat-square&logo=go&logoColor=white) ![License](https://img.shields.io/badge/license-GPL--3.0--or--later-green?style=flat-square)
@@ -8,25 +8,30 @@ Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, org
## Key Features
- **Wiki System** -- wikilinks, categories, backlinks, template transclusion, revision diffs, rename redirects, folder ACL, enhanced ToC, print view, ZIP export ([details](https://git.mokoconsulting.tech/MokoConsulting/.mokogitea/wiki/standards/Wiki-Features))
- **Wiki System** -- wikilinks, categories, backlinks, template transclusion, revision diffs, rename redirects, folder ACL, enhanced ToC, print view, ZIP export ([details](https://git.mokoconsulting.tech/MokoConsulting/.mokogit/wiki/standards/Wiki-Features))
- **DLID Licensing** -- license management, entitlements, domain activations, ed25519-signed downloads
- **API Token Scope Editing** -- edit token scopes via API (PATCH) or web UI after creation
- **Issue Statuses** -- custom workflow statuses per org with required baseline protection
- **Issue Statuses** -- custom workflow statuses per org with required baseline protection, presets, cross-org migration
- **Cascade Merge** -- auto-create PRs to downstream branches after merge with configurable rules per repo
- **Security Scanning** -- secret detection (pre-receive blocking) + code analysis (SQL injection, XSS, command injection, path traversal, and more) with REST API for alerts, config, and on-demand scans
- **Default Org Teams** -- auto-create Developers, Reviewers, and CI/CD teams on org creation
- **Org Metadata** -- per-repo metadata API (public GET, admin PUT), platform detection for versioning
- **Branch Protection** -- delete allowlist for protected branches (per-user/team/deploy-key)
- **Org Governance** -- organization-wide rules that layer onto every repository: branch protection as a most-restrictive floor a repo cannot weaken, tag protection (team allowlist), push policy (branch/tag naming, mandatory secret-block, max file size, blocked paths), repository defaults (force-private, PR merge settings), and member email-domain allowlists
- **Project Board API** -- REST endpoints for project columns and cards
- **CI Infrastructure** -- reusable workflows, centralized ci-issue-reporter, standardized MOKOGITEA_TOKEN naming
- **Dev Deploy Gate** -- builds deploy to dev environment first, production checks dev health
## Documentation
- [Org Wiki](https://git.mokoconsulting.tech/MokoConsulting/.mokogitea/wiki/) -- standards, CLI reference, API docs
- [Wiki Features](https://git.mokoconsulting.tech/MokoConsulting/.mokogitea/wiki/standards/Wiki-Features) -- all 10 wiki enhancements
- [Licensing API](https://git.mokoconsulting.tech/MokoConsulting/.mokogitea/wiki/api/Licensing-API)
- [Repo Wiki](https://git.mokoconsulting.tech/MokoConsulting/MokoGitea-Fork/wiki/) -- feature docs, API reference, operations
- [Org Wiki](https://git.mokoconsulting.tech/MokoConsulting/.mokogit/wiki/) -- standards, CLI reference, API docs
- [Wiki Features](https://git.mokoconsulting.tech/MokoConsulting/.mokogit/wiki/standards/Wiki-Features) -- all 10 wiki enhancements
- [Licensing API](https://git.mokoconsulting.tech/MokoConsulting/.mokogit/wiki/api/Licensing-API)
- [Repo Wiki](https://git.mokoconsulting.tech/MokoConsulting/MokoGIT/wiki/) -- feature docs, API reference, operations
## Contributing
See the [org wiki](https://git.mokoconsulting.tech/MokoConsulting/.mokogitea/wiki/) for development guidelines, coding standards, and contribution instructions.
See the [org wiki](https://git.mokoconsulting.tech/MokoConsulting/.mokogit/wiki/) for development guidelines, coding standards, and contribution instructions.
## License
+1 -1
View File
@@ -9,7 +9,7 @@ import (
"fmt"
"os"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/assetfs"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/assetfs"
)
func main() {
+1 -1
View File
@@ -20,7 +20,7 @@ import (
"strings"
"unicode/utf8"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
)
const (
+1 -1
View File
@@ -15,7 +15,7 @@ import (
"path/filepath"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
)
func main() {
+1 -1
View File
@@ -30,7 +30,7 @@ var primaryLicenseRe = regexp.MustCompile(`^(?i)(LICEN[SC]E|COPYING)$`)
// ignoredNames are LicenseEntry.Name values to exclude from the output.
var ignoredNames = map[string]bool{
"code.gitea.io/gitea": true,
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/options/license": true,
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/options/license": true,
}
var excludedExt = map[string]bool{
+1 -1
View File
@@ -25,7 +25,7 @@ import (
"sort"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/build/openapi3gen"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/build/openapi3gen"
"github.com/getkin/kin-openapi/openapi3"
)
+1 -1
View File
@@ -8,7 +8,7 @@ import (
"regexp"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
"github.com/getkin/kin-openapi/openapi2"
"github.com/getkin/kin-openapi/openapi2conv"
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"fmt"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+6 -6
View File
@@ -8,12 +8,12 @@ import (
"context"
"fmt"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/gitrepo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/gitrepo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/repository"
"github.com/urfave/cli/v3"
)
+3 -3
View File
@@ -10,9 +10,9 @@ import (
"os"
"text/tabwriter"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
auth_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
auth_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth"
"github.com/urfave/cli/v3"
)
+3 -3
View File
@@ -8,9 +8,9 @@ import (
"fmt"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/ldap"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/ldap"
"github.com/urfave/cli/v3"
)
+3 -3
View File
@@ -7,9 +7,9 @@ import (
"context"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/test"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/ldap"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/test"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/ldap"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+3 -3
View File
@@ -9,9 +9,9 @@ import (
"fmt"
"net/url"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/oauth2"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"testing"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/oauth2"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+3 -3
View File
@@ -8,9 +8,9 @@ import (
"errors"
"strings"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/smtp"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/smtp"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"testing"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/smtp"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/auth/source/smtp"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+3 -3
View File
@@ -6,9 +6,9 @@ package cmd
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
asymkey_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/asymkey"
repo_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/graceful"
asymkey_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/asymkey"
repo_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/repository"
"github.com/urfave/cli/v3"
)
+5 -5
View File
@@ -8,11 +8,11 @@ import (
"errors"
"fmt"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/auth/password"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
user_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/user"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/auth/password"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
user_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/user"
"github.com/urfave/cli/v3"
)
+3 -3
View File
@@ -7,9 +7,9 @@ import (
"io"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
+6 -6
View File
@@ -9,12 +9,12 @@ import (
"fmt"
"strings"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
pwd "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/auth/password"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
pwd "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/auth/password"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+4 -4
View File
@@ -8,10 +8,10 @@ import (
"strings"
"testing"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
+4 -4
View File
@@ -9,10 +9,10 @@ import (
"fmt"
"strings"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
user_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/user"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/storage"
user_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/user"
"github.com/urfave/cli/v3"
)
+4 -4
View File
@@ -8,10 +8,10 @@ import (
"strings"
"testing"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/stretchr/testify/require"
)
+2 -2
View File
@@ -8,8 +8,8 @@ import (
"errors"
"fmt"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/urfave/cli/v3"
)
+1 -1
View File
@@ -9,7 +9,7 @@ import (
"os"
"text/tabwriter"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -8,8 +8,8 @@ import (
"errors"
"fmt"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+3 -3
View File
@@ -6,9 +6,9 @@ package cmd
import (
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
+5 -5
View File
@@ -15,11 +15,11 @@ import (
"strings"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/cmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/test"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/cmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/test"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+1 -1
View File
@@ -9,7 +9,7 @@ import (
"fmt"
"os"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+7 -7
View File
@@ -12,13 +12,13 @@ import (
"strings"
"text/tabwriter"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/migrations"
migrate_base "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/migrations/base"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/doctor"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/migrations"
migrate_base "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/migrations/base"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/doctor"
"github.com/urfave/cli/v3"
"xorm.io/xorm"
+3 -3
View File
@@ -7,9 +7,9 @@ import (
"context"
"fmt"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/doctor"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/doctor"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+7 -7
View File
@@ -11,13 +11,13 @@ import (
"path/filepath"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/dump"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/dump"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/storage"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"gitea.com/go-chi/session"
"github.com/urfave/cli/v3"
+8 -8
View File
@@ -10,14 +10,14 @@ import (
"os"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
base "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/migration"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/convert"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/migrations"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
base "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/migration"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/structs"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/convert"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/migrations"
"github.com/urfave/cli/v3"
)
+8 -8
View File
@@ -11,14 +11,14 @@ import (
"path/filepath"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/assetfs"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/glob"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/options"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/public"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/templates"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/assetfs"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/glob"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/options"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/public"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/templates"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"github.com/urfave/cli/v3"
)
+1 -1
View File
@@ -9,7 +9,7 @@ import (
"fmt"
"os"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/generate"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/generate"
"github.com/mattn/go-isatty"
"github.com/urfave/cli/v3"
+3 -3
View File
@@ -15,9 +15,9 @@ import (
"strings"
"syscall"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+6 -6
View File
@@ -14,12 +14,12 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/gitcmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git/gitcmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -9,8 +9,8 @@ import (
"fmt"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"fmt"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -10,8 +10,8 @@ import (
"os"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+1 -1
View File
@@ -7,7 +7,7 @@ import (
"context"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli/v3"
+1 -1
View File
@@ -8,7 +8,7 @@ import (
"os"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"github.com/urfave/cli/v3"
)
+2 -2
View File
@@ -9,8 +9,8 @@ import (
"fmt"
"os"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"github.com/urfave/cli/v3"
)
+4 -4
View File
@@ -6,10 +6,10 @@ package cmd
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/versioned_migration"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/versioned_migration"
"github.com/urfave/cli/v3"
)
+11 -11
View File
@@ -10,17 +10,17 @@ import (
"io/fs"
"strings"
actions_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/actions"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
git_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/git"
packages_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/packages"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
packages_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/versioned_migration"
actions_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/actions"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
git_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/git"
packages_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/packages"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
packages_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/storage"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/versioned_migration"
"github.com/urfave/cli/v3"
)
+7 -7
View File
@@ -8,13 +8,13 @@ import (
"strings"
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
packages_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
packages_service "code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
packages_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/packages"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/storage"
packages_service "code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/packages"
"github.com/stretchr/testify/assert"
)
+2 -2
View File
@@ -7,8 +7,8 @@ import (
"context"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/urfave/cli/v3"
)
+29 -24
View File
@@ -15,21 +15,21 @@ import (
"strings"
"unicode"
asymkey_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/asymkey"
git_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/perm"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/gitcmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/lfstransfer"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/pprof"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/lfs"
asymkey_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/asymkey"
git_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/perm"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git/gitcmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/lfstransfer"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/pprof"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/private"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/process"
repo_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/repository"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/services/lfs"
"github.com/kballard/go-shellquote"
"github.com/urfave/cli/v3"
@@ -113,23 +113,25 @@ func handleCliResponseExtra(extra private.ResponseExtra) error {
return nil
}
func getAccessMode(verb, lfsVerb string) perm.AccessMode {
// getAccessMode maps an SSH git/LFS verb to the access mode it requires, with
// ok=false for an unrecognised verb. Callers MUST reject the request when ok is
// false: AccessModeNone would otherwise pass the `userMode < mode` permission
// check in routers/private/serv.go and grant access.
func getAccessMode(verb, lfsVerb string) (mode perm.AccessMode, ok bool) {
switch verb {
case git.CmdVerbUploadPack, git.CmdVerbUploadArchive:
return perm.AccessModeRead
return perm.AccessModeRead, true
case git.CmdVerbReceivePack:
return perm.AccessModeWrite
return perm.AccessModeWrite, true
case git.CmdVerbLfsAuthenticate, git.CmdVerbLfsTransfer:
switch lfsVerb {
case git.CmdSubVerbLfsUpload:
return perm.AccessModeWrite
return perm.AccessModeWrite, true
case git.CmdSubVerbLfsDownload:
return perm.AccessModeRead
return perm.AccessModeRead, true
}
}
// should be unreachable
setting.PanicInDevOrTesting("unknown verb: %s %s", verb, lfsVerb)
return perm.AccessModeNone
return perm.AccessModeNone, false
}
func runServ(ctx context.Context, c *cli.Command) error {
@@ -247,7 +249,10 @@ func runServ(ctx context.Context, c *cli.Command) error {
}
}
requestedMode := getAccessMode(verb, lfsVerb)
requestedMode, ok := getAccessMode(verb, lfsVerb)
if !ok {
return fail(ctx, "Unknown git command", "Unknown git command %s %s", verb, lfsVerb)
}
results, extra := private.ServCommand(ctx, keyID, username, reponame, requestedMode, verb, lfsVerb)
if extra.HasError() {
+56
View File
@@ -0,0 +1,56 @@
// Copyright 2026 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package cmd
import (
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/perm"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"github.com/stretchr/testify/assert"
)
func TestGetAccessMode(t *testing.T) {
cases := []struct {
verb, lfsVerb string
expected perm.AccessMode
}{
{git.CmdVerbUploadPack, "", perm.AccessModeRead},
{git.CmdVerbUploadArchive, "", perm.AccessModeRead},
{git.CmdVerbReceivePack, "", perm.AccessModeWrite},
{git.CmdVerbLfsAuthenticate, git.CmdSubVerbLfsUpload, perm.AccessModeWrite},
{git.CmdVerbLfsAuthenticate, git.CmdSubVerbLfsDownload, perm.AccessModeRead},
{git.CmdVerbLfsTransfer, git.CmdSubVerbLfsUpload, perm.AccessModeWrite},
{git.CmdVerbLfsTransfer, git.CmdSubVerbLfsDownload, perm.AccessModeRead},
}
for _, tc := range cases {
t.Run(tc.verb+"/"+tc.lfsVerb, func(t *testing.T) {
mode, ok := getAccessMode(tc.verb, tc.lfsVerb)
assert.True(t, ok)
assert.Equal(t, tc.expected, mode)
})
}
}
// TestGetAccessModeUnknownVerb locks in the invariant that getAccessMode reports
// ok=false for unrecognised verbs and LFS sub-verbs, so runServ rejects them. An
// unknown verb has no valid access mode; if it were treated as AccessModeNone (0)
// it would pass the `userMode < mode` permission check in routers/private/serv.go
// and hand out valid LFS JWTs for any private repository.
func TestGetAccessModeUnknownVerb(t *testing.T) {
cases := []struct{ verb, lfsVerb string }{
{git.CmdVerbLfsAuthenticate, ""},
{git.CmdVerbLfsAuthenticate, "badverb"},
{git.CmdVerbLfsTransfer, "badverb"},
{"git-unknown-verb", ""},
}
for _, tc := range cases {
t.Run(tc.verb+"/"+tc.lfsVerb, func(t *testing.T) {
mode, ok := getAccessMode(tc.verb, tc.lfsVerb)
assert.False(t, ok)
assert.Equal(t, perm.AccessModeNone, mode)
})
}
}
+11 -11
View File
@@ -15,17 +15,17 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/gtprof"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/public"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/templates"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/routers"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/routers/install"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/gtprof"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/process"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/public"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/templates"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/routers"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/routers/install"
"github.com/felixge/fgprof"
"github.com/urfave/cli/v3"
+5 -5
View File
@@ -13,11 +13,11 @@ import (
"strconv"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/process"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"github.com/caddyserver/certmagic"
)
+3 -3
View File
@@ -9,9 +9,9 @@ import (
"net/http/fcgi"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
)
func runHTTP(network, listenAddr, name string, m http.Handler, useProxyProtocol bool) error {
+3 -3
View File
@@ -9,9 +9,9 @@ import (
"os"
"strings"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/graceful"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"github.com/klauspost/cpuid/v2"
)
-2
View File
@@ -51,8 +51,6 @@ ROOT_PATH = /data/gitea/log
[security]
INSTALL_LOCK = $INSTALL_LOCK
SECRET_KEY = $SECRET_KEY
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
[service]
DISABLE_REGISTRATION = $DISABLE_REGISTRATION
-2
View File
@@ -48,8 +48,6 @@ ROOT_PATH = $GITEA_WORK_DIR/data/log
[security]
INSTALL_LOCK = $INSTALL_LOCK
SECRET_KEY = $SECRET_KEY
REVERSE_PROXY_LIMIT = 1
REVERSE_PROXY_TRUSTED_PROXIES = *
[service]
DISABLE_REGISTRATION = $DISABLE_REGISTRATION
+1 -1
View File
@@ -1,4 +1,4 @@
module code.mokoconsulting.tech/MokoConsulting/MokoGitea
module code.mokoconsulting.tech/MokoConsulting/MokoGIT
go 1.26.3
+8 -8
View File
@@ -10,16 +10,16 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/cmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/cmd"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
// register supported doc types
_ "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/asciicast"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/console"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/csv"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/markdown"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/orgmode"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/markup/asciicast"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/markup/console"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/markup/csv"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/markup/markdown"
_ "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/markup/orgmode"
"github.com/urfave/cli/v3"
)
Submodule mcp-mokogitea-api deleted from dbaf91546e
+4 -4
View File
@@ -11,10 +11,10 @@ import (
"errors"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"xorm.io/builder"
)
+5 -5
View File
@@ -6,11 +6,11 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/perm"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/perm"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"xorm.io/xorm/convert"
)
+1 -1
View File
@@ -6,7 +6,7 @@ package actions
import (
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
)
func TestMain(m *testing.M) {
+11 -11
View File
@@ -11,17 +11,17 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
api "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/webhook"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/git"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/json"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
api "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/structs"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/webhook"
"xorm.io/builder"
)
+5 -5
View File
@@ -9,11 +9,11 @@ import (
"slices"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
)
// ActionRunAttempt represents a single execution attempt of an ActionRun.
+3 -3
View File
@@ -6,9 +6,9 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
)
type ActionRunAttemptList []*ActionRunAttempt
+5 -5
View File
@@ -9,11 +9,11 @@ import (
"slices"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/actions/jobparser"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/actions/jobparser"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
"xorm.io/builder"
)
+5 -5
View File
@@ -6,11 +6,11 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"xorm.io/builder"
)
+6 -10
View File
@@ -6,12 +6,12 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/translation"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/webhook"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/translation"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/webhook"
"xorm.io/builder"
)
@@ -64,7 +64,6 @@ type FindRunOptions struct {
Ref string // the commit/tag/… that caused this workflow
TriggerUserID int64
TriggerEvent webhook_module.HookEventType
Approved bool // not util.OptionalBool, it works only when it's true
Status []Status
ConcurrencyGroup string
CommitSHA string
@@ -81,9 +80,6 @@ func (opts FindRunOptions) ToConds() builder.Cond {
if opts.TriggerUserID > 0 {
cond = cond.And(builder.Eq{"`action_run`.trigger_user_id": opts.TriggerUserID})
}
if opts.Approved {
cond = cond.And(builder.Gt{"`action_run`.approved_by": 0})
}
if len(opts.Status) > 0 {
cond = cond.And(builder.In("`action_run`.status", opts.Status))
}
+4 -4
View File
@@ -7,10 +7,10 @@ import (
"testing"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"github.com/stretchr/testify/assert"
)
+10 -10
View File
@@ -10,16 +10,16 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/shared/types"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/translation"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/shared/types"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/optional"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/translation"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
"xorm.io/builder"
+4 -4
View File
@@ -6,10 +6,10 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
)
type RunnerList []*ActionRunner
+5 -5
View File
@@ -7,11 +7,11 @@ import (
"context"
"fmt"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
)
// ActionRunnerToken represents runner tokens
+1 -1
View File
@@ -6,7 +6,7 @@ package actions
import (
"testing"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unittest"
"github.com/stretchr/testify/assert"
)
+6 -6
View File
@@ -8,12 +8,12 @@ import (
"fmt"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/webhook"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
user_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/user"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
webhook_module "code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/webhook"
)
// ActionSchedule represents a schedule of a workflow file
+1 -1
View File
@@ -4,7 +4,7 @@
package actions
import (
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"xorm.io/builder"
)
+3 -3
View File
@@ -8,9 +8,9 @@ import (
"strings"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"github.com/robfig/cron/v3"
)
+3 -3
View File
@@ -6,9 +6,9 @@ package actions
import (
"context"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
repo_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/repo"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/container"
"xorm.io/builder"
)
+1 -1
View File
@@ -7,7 +7,7 @@ import (
"testing"
"time"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/test"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/test"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
+1 -1
View File
@@ -6,7 +6,7 @@ package actions
import (
"slices"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/translation"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/translation"
runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
)
+8 -8
View File
@@ -11,14 +11,14 @@ import (
"strings"
"time"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unit"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/actions/jobparser"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/auth"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/db"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/models/unit"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/actions/jobparser"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/log"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/setting"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/timeutil"
"code.mokoconsulting.tech/MokoConsulting/MokoGIT/modules/util"
runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
lru "github.com/hashicorp/golang-lru/v2"

Some files were not shown because too many files have changed in this diff Show More