jmiller e98fca780e
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
PR RC Release / Build RC Release (pull_request) Successful in 3s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 50s
Universal: PR Check / Validate PR (pull_request) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Universal: PR Check / Secret Scan (pull_request) Successful in 59s
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
fix: address org-governance release review (#727, #733) + dev deploy targeting
Code-review findings on the org-governance release:

- Fail closed on org-rule lookup error: getFirstMatchProtectedBranchRule
  swallowed FindOrgBranchRuleForBranch errors (returned nil,nil), silently
  dropping the org floor and falling back to the repo rule on a transient DB
  error. Propagate the error so the org rule stays enforced.

- Stop the org rule locking out deploy-key and Actions-bot pushes:
  OrgProtectedBranch is team-only, so mergeMostRestrictive was ANDing the
  repo's WhitelistDeployKeys / WhitelistActionsUser (and the force-push,
  delete and merge counterparts) against the org side's always-false zero
  value, blocking every deploy-key and Actions push in any org with a
  matching branch rule. Carry those org-unmanaged fields through from the
  repo rule unchanged.

- Org push-policy max-file-size now inspects only the pushed delta
  (diff-tree + cat-file --batch-check) instead of the full tip tree via
  ls-tree, so a pre-existing oversized file can no longer permanently block
  unrelated pushes. New branches (no base commit) still scan the full tree.

Dev deploy targeting:

- deploy-dev.yml drove the dev container image via `sed` on the SHARED
  compose file, but the pattern matched the *prod* service line
  (container_name: mokogitea) — leaving the dev service pinned to a stale
  image (so every "green" deploy recreated old code) while corrupting the
  prod image pin. Drive the dev service image from ${MOKOGITEA_DEV_TAG}
  instead; the env-var only affects the dev service.

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 14:46:01 -05:00
2024-07-23 12:07:41 +00:00
2025-06-16 12:03:51 +00:00
2025-09-04 01:17:14 +00:00
2023-01-24 18:52:38 +00:00
2026-04-26 11:46:48 +02:00
2026-03-22 08:18:42 -07:00
2026-01-16 11:00:16 +00:00
2026-04-14 23:24:44 +08:00
2026-04-15 17:26:26 +00:00
2026-05-04 19:27:47 +00:00

MokoGitea

Custom Gitea fork with enhanced wiki system, DLID licensing, issue statuses, cascade merge, security scanning, org-level governance, org metadata, CI standardization, and project board API.

Language License


Key Features

  • Wiki System -- wikilinks, categories, backlinks, template transclusion, revision diffs, rename redirects, folder ACL, enhanced ToC, print view, ZIP export (details)
  • DLID Licensing -- license management, entitlements, domain activations, ed25519-signed downloads
  • API Token Scope Editing -- edit token scopes via API (PATCH) or web UI after creation
  • Issue Statuses -- custom workflow statuses per org with required baseline protection, presets, cross-org migration
  • Cascade Merge -- auto-create PRs to downstream branches after merge with configurable rules per repo
  • Security Scanning -- secret detection (pre-receive blocking) + code analysis (SQL injection, XSS, command injection, path traversal, and more) with REST API for alerts, config, and on-demand scans
  • Default Org Teams -- auto-create Developers, Reviewers, and CI/CD teams on org creation
  • Org Metadata -- per-repo metadata API (public GET, admin PUT), platform detection for versioning
  • Branch Protection -- delete allowlist for protected branches (per-user/team/deploy-key)
  • Org Governance -- organization-wide rules that layer onto every repository: branch protection as a most-restrictive floor a repo cannot weaken, tag protection (team allowlist), push policy (branch/tag naming, mandatory secret-block, max file size, blocked paths), repository defaults (force-private, PR merge settings), and member email-domain allowlists
  • Project Board API -- REST endpoints for project columns and cards
  • CI Infrastructure -- reusable workflows, centralized ci-issue-reporter, standardized MOKOGITEA_TOKEN naming
  • Dev Deploy Gate -- builds deploy to dev environment first, production checks dev health

Documentation

Contributing

See the org wiki for development guidelines, coding standards, and contribution instructions.

License

This project is licensed under the GNU General Public License v3.0 or later -- see the LICENSE file.


Moko Consulting

S
Description
MokoGitea — custom Gitea fork with .mokogitea manifests, custom fields, org priorities, folder-based wikis, and Joomla update server generation
https://mokoconsulting.tech/support/mokogitea Readme MIT
1,020 MiB
2026-06-21 00:21:51 +00:00
Languages
Go 78.3%
Handlebars 12.8%
TypeScript 4.2%
CSS 1.9%
JavaScript 1.5%
Other 1.2%