jmiller 56e65268d7 feat: org branch protection user allowlists + actions-bot toggles (#734)
Org-level branch protection rules previously supported team-only
allowlists. This adds per-user allowlists (resolved by username OR
email) and "allow the actions bot" toggles for the push, merge and
force-push allowlists, plus a per-user approvals allowlist -- mirroring
the repo-level ProtectedBranch fields exactly. These carry through
ToProtectedBranch() into the standard enforcement path.

Model: add WhitelistUserIDs/MergeWhitelistUserIDs/
ForcePushAllowlistUserIDs/ApprovalsWhitelistUserIDs ([]int64 JSON) and
WhitelistActionsUser/MergeWhitelistActionsUser/
ForcePushAllowlistActionsUser (bool) to OrgProtectedBranch, and copy
them in ToProtectedBranch().

Migration 362 (v368-style file v363.go): additive columns via x.Sync.

API: new resolveUserIDs helper (username-then-email lookup, dedupe,
422 on unknown); Create/Edit set the new fields gated on the matching
Enable* flags; GET resolves stored user IDs back to usernames and
returns the actions-user bools.

DTOs: add *Usernames []string + *ActionsUser bool to the Create/Edit/
response structs, using the same json names as repo_branch.go.

Swagger: register OrgBranchProtection(/List) responses and the
Create/Edit option bodies; regenerate specs for the org endpoints.

Delete allowlists are intentionally omitted -- org branch protection
has no delete-allowlist concept (no CanDelete/EnableDeleteAllowlist/
DeleteAllowlistTeamIDs), so there is no team allowlist to extend.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 17:17:20 -05:00
2024-07-23 12:07:41 +00:00
2025-06-16 12:03:51 +00:00
2025-09-04 01:17:14 +00:00
2023-01-24 18:52:38 +00:00
2026-04-26 11:46:48 +02:00
2016-11-08 08:42:05 +01:00
2026-03-22 08:18:42 -07:00
2026-01-16 11:00:16 +00:00
2026-04-14 23:24:44 +08:00
2026-04-15 17:26:26 +00:00
2026-05-04 19:27:47 +00:00

MokoGitea

Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, cascade merge, security scanning, org metadata, CI standardization, and project board API.

Language License


Key Features

  • Wiki System -- wikilinks, categories, backlinks, template transclusion, revision diffs, rename redirects, folder ACL, enhanced ToC, print view, ZIP export (details)
  • DLID Licensing -- license management, entitlements, domain activations, ed25519-signed downloads
  • API Token Scope Editing -- edit token scopes via API (PATCH) or web UI after creation
  • Issue Statuses -- custom workflow statuses per org with required baseline protection, presets, cross-org migration
  • Cascade Merge -- auto-create PRs to downstream branches after merge with configurable rules per repo
  • Security Scanning -- secret detection (pre-receive blocking) + code analysis (SQL injection, XSS, command injection, path traversal, and more) with REST API for alerts, config, and on-demand scans
  • Default Org Teams -- auto-create Developers, Reviewers, and CI/CD teams on org creation
  • Org Metadata -- per-repo metadata API (public GET, admin PUT), platform detection for versioning
  • Branch Protection -- delete allowlist for protected branches (per-user/team/deploy-key)
  • Project Board API -- REST endpoints for project columns and cards
  • CI Infrastructure -- reusable workflows, centralized ci-issue-reporter, standardized MOKOGITEA_TOKEN naming
  • Dev Deploy Gate -- builds deploy to dev environment first, production checks dev health

Documentation

Contributing

See the org wiki for development guidelines, coding standards, and contribution instructions.

License

This project is licensed under the GNU General Public License v3.0 or later -- see the LICENSE file.


Moko Consulting

S
Description
MokoGitea — custom Gitea fork with .mokogitea manifests, custom fields, org priorities, folder-based wikis, and Joomla update server generation
https://mokoconsulting.tech/support/mokogitea Readme MIT
1,020 MiB
2026-06-21 00:21:51 +00:00
Languages
Go 78.3%
Handlebars 12.8%
TypeScript 4.2%
CSS 1.9%
JavaScript 1.5%
Other 1.2%