jmiller 2f119fbd95
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Successful in 16s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Generic: Project CI / Lint & Validate (pull_request) Successful in 44s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m29s
Universal: PR Check / Secret Scan (pull_request) Successful in 3m49s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
fix(security): code scanner panics at startup on RE2-incompatible regexp
The "deserialize-yaml-py" rule in services/security/code_scanner.go used a
negative lookahead `(?!\s*#)` in regexp.MustCompile. Go's regexp engine is
RE2, which has no lookahead/lookbehind, so MustCompile panics during the
package init() — crash-looping the entire server at startup. `go build` and
`go vet` do not execute init(), and CI never boots the binary, so this
shipped to main via #552 undetected; the running instances survived only
because they predate that image.

Replace the pattern with an RE2-safe equivalent `(?i)yaml\.load\s*\(`, which
matches the rule's stated intent (flag yaml.load() without SafeLoader,
CWE-502). Add a regression test that forces the package init and asserts
every DefaultCodeRules pattern compiled, so a future RE2-incompatible
pattern fails in CI here instead of on a live deploy.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 15:06:57 -05:00
2025-09-04 01:17:14 +00:00
2026-04-26 11:46:48 +02:00
2026-03-22 08:18:42 -07:00
2026-01-16 11:00:16 +00:00
2026-04-14 23:24:44 +08:00
2026-04-15 17:26:26 +00:00
2026-05-04 19:27:47 +00:00

MokoGitea

Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, cascade merge, security scanning, org-level governance, org metadata, CI standardization, and project board API.

Language License


Key Features

  • Wiki System -- wikilinks, categories, backlinks, template transclusion, revision diffs, rename redirects, folder ACL, enhanced ToC, print view, ZIP export (details)
  • DLID Licensing -- license management, entitlements, domain activations, ed25519-signed downloads
  • API Token Scope Editing -- edit token scopes via API (PATCH) or web UI after creation
  • Issue Statuses -- custom workflow statuses per org with required baseline protection, presets, cross-org migration
  • Cascade Merge -- auto-create PRs to downstream branches after merge with configurable rules per repo
  • Security Scanning -- secret detection (pre-receive blocking) + code analysis (SQL injection, XSS, command injection, path traversal, and more) with REST API for alerts, config, and on-demand scans
  • Default Org Teams -- auto-create Developers, Reviewers, and CI/CD teams on org creation
  • Org Metadata -- per-repo metadata API (public GET, admin PUT), platform detection for versioning
  • Branch Protection -- delete allowlist for protected branches (per-user/team/deploy-key)
  • Org Governance -- organization-wide rules that layer onto every repository: branch protection as a most-restrictive floor a repo cannot weaken, tag protection (team allowlist), push policy (branch/tag naming, mandatory secret-block, max file size, blocked paths), repository defaults (force-private, PR merge settings), and member email-domain allowlists
  • Project Board API -- REST endpoints for project columns and cards
  • CI Infrastructure -- reusable workflows, centralized ci-issue-reporter, standardized MOKOGITEA_TOKEN naming
  • Dev Deploy Gate -- builds deploy to dev environment first, production checks dev health

Documentation

Contributing

See the org wiki for development guidelines, coding standards, and contribution instructions.

License

This project is licensed under the GNU General Public License v3.0 or later -- see the LICENSE file.


Moko Consulting

S
Description
MokoGitea — custom Gitea fork with .mokogitea manifests, custom fields, org priorities, folder-based wikis, and Joomla update server generation
https://mokoconsulting.tech/support/mokogitea Readme MIT
1,020 MiB
2026-06-21 00:21:51 +00:00
Languages
Go 78.3%
Handlebars 12.8%
TypeScript 4.2%
CSS 1.9%
JavaScript 1.5%
Other 1.2%