MokoConsulting/MokoGitea
1
0
Fork 0
Code Issues 146 Pull Requests Releases 96 Wiki Activity
21,559 Commits 67 Branches 347 Tags
dev
Commit Graph

5547 Commits

Author SHA1 Message Date
Jonathan Miller 33076e4e1b fix(issues): address review findings for custom field search
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 3s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 17s
Details
Generic: Repo Health / Access control (pull_request) Failing after 17s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 22s
Details
PR RC Release / Build RC Release (pull_request) Failing after 35s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Details 
- Clear custom field filters when field definitions fail to load,
  preventing invisible filtering with no UI to undo
- Log malformed options JSON instead of silently dropping fields
- Extract parseCustomFieldQueryParams helper (web) and
  parseAPICustomFieldFilters helper (API) to deduplicate cf_ parsing
- API returns 400 for non-numeric or non-positive cf_ field IDs
- Validate field IDs are positive in web handler
- Add entity_type='issue' to subquery to prevent cross-entity matching

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-06 06:06:32 -05:00
Jonathan Miller a3c6f54ad3 feat(issues): advanced search with custom field filters (#496) 
Add the ability to filter issues by custom field values throughout
the entire search stack:

- DB: applyCustomFieldCondition joins custom_field_value with AND
  semantics (all specified fields must match)
- Indexer: CustomFieldFilters map passed through SearchOptions and
  ToDBOptions
- Web: parse cf_{fieldID}={value} query params, show dropdown
  filters in the issue list sidebar for org-level fields
- API: both SearchIssues and ListIssues accept cf_ query params

Closes #496

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-06 06:06:32 -05:00
Jonathan Miller 8e0388c9d8 fix(custom-fields): log errors instead of silently discarding them
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
PR RC Release / Build RC Release (pull_request) Successful in 3s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- saveCustomFieldsFromForm: log GetCustomFieldsByOwner errors
- resolveExtensionMetadata: log DB errors on custom field lookup
- NewIssue/ViewIssue: log errors from GetCustomFieldsByOwner and
  GetCustomFieldValuesMap instead of blank-assigning
- Composer: fix misleading comment about override source

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 22:14:10 -05:00
Jonathan Miller cd4c701cb6 fix(custom-fields): address code review findings
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- API: return 500 on GetCustomFieldsByOwner failure instead of silently
  swallowing the error
- resolveExtensionMetadata: add DownloadGating/KeyPrefix to metadata
  struct instead of mutating the caller's cfg pointer (side effect)
- resolveExtensionMetadata: add Description custom field mapping
- Composer: use meta.PHPMinimum instead of bypassing the cascade
- Web form: flash error on custom field save failure instead of silent log

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 21:59:50 -05:00
Jonathan Miller 9ebe1b26b1 feat(custom-fields): pre-fill custom fields from issue template YAML frontmatter 
Add `custom_fields` map to IssueTemplate struct so templates can specify
default values (e.g. `Priority: Medium`). On new issue form, org-level
issue-scoped fields appear in the sidebar with template defaults pre-selected.
NewIssuePost saves the values after issue creation. The API create issue
endpoint also accepts `custom_fields` by name.

Closes #493

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 21:47:15 -05:00
Jonathan Miller 539619be2f feat(api): custom fields API for org definitions, repo metadata, and issue values
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 24s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 55s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
API endpoints:
- GET/POST/DELETE /api/v1/orgs/{org}/custom-fields — org field definitions
- GET/PUT /api/v1/repos/{owner}/{repo}/metadata — repo-scoped field values
- GET/PUT /api/v1/repos/{owner}/{repo}/issues/{index}/custom-fields — issue values

All endpoints use field names as keys (not IDs) for ergonomic access.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 19:20:21 -05:00
Jonathan Miller 6bd9548b2a feat(custom-fields): move to org-level definitions with issue and repo scopes
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 23s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 1m4s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- CustomFieldDef now has owner_id (org) and scope (issue/repo)
- Issue sidebar loads fields by org owner_id, not repo_id
- Org Settings > Custom Fields page for managing field definitions
- Repo Settings > Metadata page for filling in repo-scoped values
- Migration v345 adds owner_id, scope, entity_id, entity_type columns
- Per-repo custom field management replaced by org-level
- Replaces .mokogitea/manifest.xml with database-backed metadata

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 19:11:22 -05:00
Jonathan Miller df58aacc30 fix(downloads): signed-in users with repo access bypass download gating
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 23s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 1m29s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Download gating only applies to anonymous/external clients (Joomla
update checker). Users who are signed in and have permission to
access the repo can always download releases regardless of gating.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 18:35:57 -05:00
Jonathan Miller 178e8fffe2 fix(licenses): fix key generation modal not passing package_id
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 22s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 1m3s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
The generate key modal's hidden package_id input was always empty
because show-modal doesn't wire data attributes to hidden inputs.
Fix: pass package_id via the form action URL query string instead.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 18:13:10 -05:00
Jonathan Miller 635a13d277 fix(updateserver): only show downloadkey when downloads are gated
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 10s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 26s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 1m0s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Show <downloadkey> only when download_gating is prerelease or all.
No gating means no license keys are needed, so don't prompt for one.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 16:33:04 -05:00
Jonathan Miller 6be3e5c879 fix(updateserver): always show downloadkey when licensing enabled
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 22s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 1m3s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Include <downloadkey prefix="dlid="> in Joomla update XML whenever
Update Server is enabled for the repo, not just when require_key is
set. This ensures Joomla shows the Download Key field in Update Sites
even when downloads are currently public.

Also corrected joomlaTagName comment with Joomla source reference.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 16:28:14 -05:00
Jonathan Miller 4ec0db8658 feat(issues): show custom fields in issue sidebar with inline editing
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Load custom field definitions and values in ViewIssue handler
- New sidebar template displays dropdown fields with onchange submit
- POST handler at /issues/{id}/custom-fields/{field_id} saves values
- Dropdown options parsed from JSON and passed to template
- Non-dropdown fields display as read-only text
- Section appears between Labels and Milestone in sidebar

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 13:48:22 -05:00
Jonathan Miller e4ea1303ea feat(licenses): add domain restriction to packages and key generation
Generic: Repo Health / Site Health (push) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Add DomainRestriction field to LicensePackage model with migration
- Packages can define default allowed domains (comma-separated)
- Key generation form now includes licensee name, email, and domain
  fields in a proper modal instead of a tiny inline form
- Keys inherit domain restriction from their package if not overridden
- Package create/edit forms include domain restriction input
- Domain enforcement already exists in heartbeat validation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 09:05:44 -05:00
Jonathan Miller bab1acdfe3 fix(licenses): fix master key visibility, package creation, and template structure
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Always show master key prefix and status in a dedicated segment with
  a Regenerate button that deactivates the old key and creates a new one
- Fix broken <details> structure where </details> was inside an {{if}}
  block, causing malformed HTML
- Move create package form into a proper modal instead of a broken
  details/summary toggle
- Add copy button for all key prefixes (not just full keys)
- Add POST /licenses/master-key/regenerate route and handler
- Add locale keys for regenerate master key feature

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 08:47:11 -05:00
Jonathan Miller cbaf289657 fix(settings): add licensing toggle to Advanced Settings, clean up UI
Generic: Repo Health / Site Health (push) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Add licensing enable/disable checkbox to Advanced Settings page so
  users can toggle licensing without needing the separate Licensing
  settings page
- Restore LicensingEnabled gate on Licensing nav item (shows only when
  licensing is enabled, as intended)
- Replace inline dividers with Fomantic UI dividing headers for cleaner
  visual section separation
- Fix redirect after saving advanced settings to go back to /advanced
  instead of /settings

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 08:09:23 -05:00
Jonathan Miller c90edc3efc fix(settings): prevent double-highlight on Advanced Settings nav item
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
SettingsCtxData middleware sets PageIsSettingsOptions=true for all
settings routes including /advanced. The advanced handler now explicitly
clears it so only the Advanced Settings nav item is highlighted.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 07:50:41 -05:00
Jonathan Miller fb5002d317 fix(build): replace invalid UTF-8 character in API comment
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
The em dash in the TODO comment was encoded as invalid UTF-8, causing
a Go compiler error. Replace with ASCII hyphen.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 07:37:42 -05:00
Jonathan Miller c15582aa64 fix(build): remove stale custom field API routes, structs, and migration
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
PR RC Release / Build RC Release (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Comment out custom-fields API routes in api.go that referenced handler
functions from the deleted routers/api/v1/repo/custom_field.go. Remove
the unreferenced modules/structs/custom_field.go and the duplicate
v1_25/v323 migration (superseded by v1_27/v343).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 07:26:16 -05:00
Jonathan Miller 877f39d4f4 fix(build): remove stale custom field API file from prior session
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
PR RC Release / Build RC Release (pull_request) Successful in 21s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 6m5s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details 
The old API file references non-existent struct names and fields.
Will be rebuilt properly after the web UI is complete.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 07:02:40 -05:00
Jonathan Miller 75f05e1c80 fix(build): update custom field API to match renamed model functions
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 27s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 6m17s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 06:52:56 -05:00
Jonathan Miller c7d8f6066f feat(issues): custom fields foundation — model, migration, settings UI (#8)
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Details
PR RC Release / Build RC Release (pull_request) Failing after 19s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 6m35s
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-04 06:46:33 -05:00
Jonathan Miller 9506a19ab8 feat(licenses): use ancestor-aware functions in org license handler
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 20s
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Release configuration (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Release configuration (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details 
Org licenses handler now uses ListLicensePackagesWithAncestors,
ListLicenseKeysWithAncestors, and SearchLicenseKeysWithAncestors
to show packages and keys from parent orgs in the hierarchy.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 18:46:33 -05:00
Jonathan Miller 48ff05d4b3 fix(updates): feed always public, downloads gated separately
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 24s
Details
Generic: Repo Health / Release configuration (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Release configuration (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
The updates.xml/JSON feed is now always fully public with versions
and download URLs visible. The actual file downloads are what get
blocked by CheckDownloadGating (none/prerelease/all).

Previously require_key and feed_visibility controlled the XML
feed visibility. Now the feed is informational only — Joomla can
always see what versions are available. The download gating
setting controls whether the files can actually be downloaded.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 15:45:00 -05:00
Jonathan Miller 89fcbda623 feat(settings): move advanced settings to dedicated /settings/advanced page
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
PR RC Release / Build RC Release (pull_request) Failing after 18s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Extract all feature unit settings (Code, Wiki, Issues, Projects,
Releases, Packages, Pull Requests) from options.tmpl into a
separate advanced.tmpl with its own route at /settings/advanced.

Options page now only contains: basic repo settings, avatar,
mirror config, signing settings, and danger zone.

Navbar updated: Advanced Settings link points to /settings/advanced.
Form posts still go through the existing SettingsPost handler.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 14:23:49 -05:00
Jonathan Miller a1ceac6396 feat(settings): separate licensing settings page with navbar entry
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 23s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Extract licensing/update feed settings to its own page at
/settings/licensing with dedicated template and handler.

Navbar additions:
- Advanced Settings link (points to existing options page)
- Licensing link with key icon (when licensing enabled)

New handler: LicensingSettings/LicensingSettingsPost serves the
standalone licensing form with all fields (platform, gating,
metadata, extensions).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 14:02:53 -05:00
Jonathan Miller cfea80d3ca fix(build): use UpdateRepositoryColsWithAutoTime for is_hidden
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 21s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 13:46:26 -05:00
Jonathan Miller e2c738a8d8 feat(repos): three-level visibility — Public, Private, Hidden
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 22s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Add IsHidden field to Repository model. Three visibility modes:

- Public: visible to everyone (green label)
- Private: members only, non-members see 403 Access Denied (orange)
- Hidden: members only, non-members see 404 Not Found (red)

Private mode is for commercial repos — customers know the repo
exists and see a styled 403 page with sign-in button. Licensed
update feeds and key-gated downloads still work.

Hidden mode is for internal/secret repos — complete stealth, as
if the repo doesn't exist.

Settings UI: radio button selector in danger zone replaces the
old binary toggle. Each option shows a colored label with
description.

Migration v342: adds is_hidden column to repository table.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 13:42:25 -05:00
Jonathan Miller 95d93da2bc fix(licenses): bypass attachment permission check for licensed downloads
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 20s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
ServeAttachment checks perm.CanRead(unitType) which fails for
licensed read-only access on private repos. Now skips the check
when LicensedReadOnly is set in context (from RepoAssignment).

This allows Joomla/WordPress clients with valid dlid= params to
download release files from private licensed repos.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 10:17:06 -05:00
Jonathan Miller ead620daf9 fix(updates): allow update feeds on private repos via lightweight repo loader
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 20s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Update feed endpoints (updates.xml, dolibarr.json, wordpress.json,
packages.json, prestashop.xml, drupal.xml, whmcs.json, changelog.xml)
now use RepoAssignmentPublicFeed instead of the full RepoAssignment.

The lightweight loader fetches the repo by owner/name without checking
user permissions. Feed handlers gate access via license keys, not repo
membership. This allows private repos to serve update feeds to
anonymous Joomla/WordPress/Composer clients with valid license keys.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 09:36:06 -05:00
Jonathan Miller 02f3ed88f1 feat(updates): PrestaShop (#352), Drupal (#353), WHMCS (#355) update feeds
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 18s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
PrestaShop: GET /updates/prestashop.xml — module update XML with
name, version, download URL, author, SHA256. Serves stable only.

Drupal: GET /updates/drupal.xml — update status XML per Drupal API
spec. Includes project metadata, all releases with status, download
links, SHA256. Uses TargetVersion config for api_version field.

WHMCS: GET /updates/whmcs.json — simple JSON with latest stable
version, download URL (with dlid), changelog, author. License key
embedded in download URL when provided.

All three use ResolveReleaseStream for manual/auto stream mapping,
readSHA256FromSidecar for integrity hashes, and extractVersion with
stream-name tag fallback.

Routes registered under the update server group alongside Joomla,
Dolibarr, WordPress, and Composer feeds.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 09:08:03 -05:00
Jonathan Miller 0fb0aea719 feat(updates): Composer packages.json feed (#354), hide menu items for guests
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 20s
Details 
Composer feed: new endpoint GET /updates/packages.json serving
Composer/Packagist-compatible packages.json. Includes version,
dist URL with SHA256, authors, PHP requirement. License key
embedded in download URL when provided.

Menu visibility: Actions and Licenses tabs in repo header now
require .IsSigned — anonymous users no longer see tabs they
can't access. Previously the tabs were visible but clicking
redirected to login (confusing UX).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 09:02:00 -05:00
Jonathan Miller eca929f680 feat(licenses): configurable key prefix (#406), header button (#408), open feed button (#409)
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
PR RC Release / Build RC Release (pull_request) Failing after 18s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
#406: Add KeyPrefix field to UpdateStreamConfig. GenerateKeyString
now accepts a prefix parameter, looked up from org config. Default
remains MOKO if not set. Auto-uppercased, max 20 chars.

#408: Move "New Package" button into the packages header bar,
right-aligned. Uses details/summary pattern — clicking the button
expands the create form below. Cleaner layout on both repo and org.

#409: Add open-in-new-tab button (external link icon) next to every
copy button on feed URLs. All four feeds: Joomla XML, Dolibarr JSON,
WordPress JSON, Changelog XML.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:51:55 -05:00
Jonathan Miller b65b155446 SECURITY: fix release download gating and require login for actions
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 21s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Release gating: HideReleaseDownloads now checks download_gating
setting in addition to feed_visibility. When licensing is enabled
and download_gating != "none", anonymous users see "Sign in to
download" instead of download links on the release page.

Actions: changed from optSignIn to reqSignIn on the repo actions
route group. Anonymous users can no longer view CI/CD runs, logs,
or artifacts. This is a MokoGitea policy override — upstream Gitea
allows public actions on public repos.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:40:40 -05:00
Jonathan Miller de52ad0fbc fix(build): permanent fixes for recurring build errors
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 11s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Failing after 26s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
- AI migration 339: replaced with noopMigration placeholder
- feed/file.go: add missing comma in struct literal
- license_key.go: remove unused org_model import

These were being applied as server-side hotfixes on every deploy.
Now committed to dev so they persist through merges.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:34:14 -05:00
Jonathan Miller 1dfa5d8079 SECURITY: require login for licenses page — was accessible anonymously
Branch Policy Check / Verify merge target (pull_request) Successful in 2s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 21s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
The repo licenses route used optSignIn (login optional), allowing
anonymous users to view license packages and keys. Changed to
reqSignIn to require authentication.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:25:31 -05:00
Jonathan Miller 70793075fc fix(build): use db.Find for org list, remove unused org_model import
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 22s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:21:39 -05:00
Jonathan Miller 2799558040 feat(orgs): enterprise sub-org hierarchy with parent-child relationships (#410)
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 26s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Add ParentOrgID field to User model for org hierarchy. Parent orgs
can have child orgs, enabling enterprise structures like
MokoConsulting → client orgs.

Model changes:
- ParentOrgID int64 on User (INDEX, DEFAULT 0)
- GetChildOrgs, GetAncestorOrgIDs, GetParentOrg helpers
- Max 10 hierarchy levels with cycle detection

License integration:
- ListLicensePackagesWithAncestors — shows packages from parent orgs
- ListLicenseKeysWithAncestors — shows keys from parent orgs
- SearchLicenseKeysWithAncestors — searches across hierarchy
- Master keys from parent orgs validate for child org repos

UI:
- Parent org dropdown in org settings (owners/admins only)
- Shows all orgs user owns except self

Migration v341: adds parent_org_id column to user table.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 08:14:08 -05:00
Jonathan Miller 37322e4212 feat(updates): manual release-to-stream mapping
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
PR RC Release / Build RC Release (pull_request) Successful in 22s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
Add release_stream_map table for explicitly assigning releases to
update streams. When a mapping exists, it overrides automatic tag
detection. When absent, falls back to tag name/suffix matching.

New model: ReleaseStreamMap with SetReleaseStream, GetReleaseStream,
ResolveReleaseStream (manual first, auto fallback).

UI: stream selector dropdown on release create/edit page, shown when
licensing is enabled. Options: auto-detect (default) or any
configured stream (stable, release-candidate, beta, etc.).

All three feed generators (Joomla, Dolibarr, WordPress) now use
ResolveReleaseStream instead of MatchStreamFromTag.

Migration v340 updated with release_stream_map table creation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 07:37:02 -05:00
Jonathan Miller 0a3cd3115f feat(updates): support stream-name tags alongside version tags 
MatchStreamFromTag now checks if the tag name directly matches a
stream name (e.g. "stable", "release-candidate", "development")
before falling back to suffix matching. Supports both conventions:

1. Stream-name tags: tag IS the stream (MokoWaaS style)
2. Version tags: tag has version + suffix (v1.0.0-rc1 style)

When a stream-name tag is detected, the version number is extracted
from the release title instead of the tag. Falls back to tag name
if no version found in title.

Applied across all feed generators: Joomla XML, Dolibarr JSON,
WordPress JSON, and Changelog XML.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 07:21:02 -05:00
Jonathan Miller 0e7d3c4a34 fix(security): ownership guards, RepoScope parsing, CSRF tokens, XSS escaping
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
PR RC Release / Build RC Release (pull_request) Failing after 17s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
SECURITY: Add verifyPackageOwnership/verifyKeyOwnership checks to
all API handlers that accept ID parameters. Prevents cross-org
access where an admin of org A could modify org B's license data.

FIX: RepoScope validation now properly parses JSON arrays using
json.Unmarshal instead of strings.Contains. The old approach matched
substrings (repo ID "2" matched inside "12"). Now uses typed int64
comparison.

FIX: Add {{$.CsrfTokenHtml}} to both delete confirmation modal
forms (package and key) in repo and org templates. Without CSRF
tokens, the form-fetch-action POST requests would be rejected.

FIX: HTML-escape release notes in WordPress changelog to prevent
XSS via malicious release note content reaching WP admin dashboards.

FIX: Parse AllowedChannels JSON format before comma-split fallback
to avoid garbage values from splitting JSON arrays by comma.

FIX: Add missing third return value (false) on error path in
validateUpdateKey to prevent compile error.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 06:59:29 -05:00
Jonathan Miller a20153a0e0 fix(licenses): no-download mode shows release notes but hides files 
In "no-download" feed visibility mode, anonymous users can browse
the release listing page and read release notes, but the download
section (attachments, source archives) is replaced with a "Sign in
to download" message.

Only "hidden" mode redirects anonymous users to login entirely.
"no-download" keeps the page public — release notes, changelogs,
and version info are all visible. Just the actual files are gated.

This matches the commercial pattern: let users see what's available
to motivate purchase, while protecting the actual deliverables.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 06:42:44 -05:00
Jonathan Miller a149edccd3 feat(licenses): feed visibility modes and login-required releases 
Add FeedVisibility field to UpdateStreamConfig with three modes:
- public: full feed with download URLs (default)
- no-download: version info visible but download URLs stripped
- hidden: empty feed returned without a valid license key

The "no-download" mode is the key commercial pattern — customers
see updates exist (motivating purchase/renewal) but cannot download
without a valid key. Joomla shows "update available" in admin.

Applied consistently across all update feed endpoints (Joomla XML,
Dolibarr JSON, WordPress JSON) via the shared validateUpdateKey()
which now returns a stripDownloads flag.

Also: when licensing is enabled, the release listing page requires
login. Anonymous users are redirected to the login page. This
prevents browsing release notes and download links without auth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 06:38:09 -05:00
Jonathan Miller 01eb9944ca feat(licenses): replace channel checkboxes with combolist picker 
Use the existing shared/combolist.tmpl component for channel
selection in create and edit package forms. This mimics the
issue label picker UI — a searchable dropdown with checkmarks
and a selected-items list below.

Replaces raw checkboxes (repo + org templates) and Fomantic
multiple selection dropdowns (edit templates) with the
combo-multiselect component that has proper JS for toggle,
search, and clear functionality.

Handler parsing updated: combolist sends comma-separated values
in a single hidden input (vs multiple checkbox form values).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 06:30:59 -05:00
Jonathan Miller e3a8ae2595 feat(settings): add extension metadata to repo settings (#335) 
Repo settings now include extension metadata fields (element name,
display name, type, target version, maintainer, PHP minimum) under
the Licensing section. These override org-level defaults per-repo.

Empty fields inherit from the organization's update stream config.
Extension type dropdown includes: package, component, module,
plugin, template, library — plus an "(inherit from org)" option.

Also adds form fields to the RepoSettingsForm struct for all
metadata fields.

Closes #335

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 06:19:48 -05:00
Jonathan Miller 1fabdb94ec feat(updates): WordPress PUC-compatible update feed (#351) 
New endpoint: GET /{owner}/{repo}/updates/wordpress.json

Generates JSON compatible with the YahnisElsts plugin-update-checker
library — the standard for commercial WordPress plugin self-hosted
updates. Returns name, slug, version, download_url, homepage,
requires_php, author, sections (changelog HTML), icons, and banners.

License key validation: reads from ?license_key=, ?dlid=, or ?key=
query params (PUC sends these via addQueryArgFilter). When RequireKey
is enabled, returns minimal empty response without download_url.

Changelog section built from release notes (last 10 stable releases),
converting markdown list items to HTML <ul>/<li> elements.

Icon/banner URLs point to conventional paths in the repo:
  assets/icon-128x128.png, assets/icon-256x256.png
  assets/banner-772x250.png, assets/banner-1544x500.png

Route registered at /updates/wordpress.json alongside existing
/updates.xml (Joomla) and /updates/dolibarr.json.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-02 00:01:16 -05:00
Jonathan Miller d204ecb9f0 fix(licenses): enforce RepoScope validation and add API revoke endpoint 
SECURITY: ValidateLicenseKeyForRepo() now checks the package's
RepoScope field against the requesting repo ID. A package scoped
to repo A will reject keys when accessed from repo B's update feed.
Update server and download gating both use the new function.

Master/internal keys bypass repo scope checks.

RepoScope supports: "all" (any repo), single repo ID string,
or JSON array of repo IDs like ["1","5","12"].

Also adds POST /license-keys/{id}/revoke API endpoint that was
missing from the API but existed in web handlers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-01 05:33:26 -05:00
Jonathan Miller 3e8124a2b7 feat(licenses): API package CRUD, settings API, and repo scope UI 
API package endpoints (#388):
- PATCH /license-packages/{id} — edit package (master protected)
- DELETE /license-packages/{id} — delete package (master protected)
- POST /license-packages/{id}/archive — archive package
- POST /license-packages/{id}/unarchive — restore package

Settings API (#349):
- GET /license-settings — read licensing/update stream config
- PUT /license-settings — update config (all metadata fields)
- New LicenseSettings struct in API types

Repo scope UI (#395):
- Dropdown in create/edit package forms listing org repos
- "All repositories" default option
- RepoScope read from form in both repo and org handlers
- OrgRepos loaded via GetOrgRepositories in Licenses handlers

Refs #341, #346, #349, #388, #395

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-01 05:21:09 -05:00
Jonathan Miller 53a5d0b97b feat(licenses): domain lock timer, infourl fix, Akeeba-compatible XML format 
Domain lock timer: add DomainLockHours to LicensePackage and
FirstUsedUnix to LicenseKey. During the grace period after first
use, any domain is accepted and auto-added to the restriction list.
After the grace period, only listed domains are allowed. Set 0 for
immediate lock-on-first-use (default).

Fix infourl: default to /releases listing page instead of specific
tag page. Falls back to SupportURL or InfoURL if configured.

Match Akeeba Backup Pro XML format: downloadkey prefix is "dlid="
(not "&dlid="), matching how Joomla stores extra_query. Verified
against production Akeeba/JCE/AdminTools manifests via SSH.

Update migration v340 with FirstUsedUnix and DomainLockHours columns.

Add DomainLockHours field to create/edit package forms for both
repo and org levels with help text.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-01 05:00:50 -05:00
Jonathan Miller 448b7d3ab0 feat(licenses): archive, search, download gating, changelog XML, and expanded permissions 
Migration v340: sync all missing columns (key_raw, payment_ref,
last_heartbeat_unix, is_archived, licensing_enabled, download_gating,
support_url, and all extension metadata fields).

Package archiving (#384): add IsArchived field with archive/unarchive
handlers and collapsible "Archived Packages" section in templates.
Existing keys from archived packages continue to work.

Expanded delete permissions (#385): org owners and site admins can
permanently delete packages and keys (previously site admin only).

Search (#392): server-side search across key_prefix, key_raw,
licensee_name, licensee_email, domain_restriction, and payment_ref
via ?q= query parameter on both repo and org licenses pages.

Sortable tables (#390): Fomantic UI sortable class on keys table
with new Domain column showing DomainRestriction per key.

Download gating (#347): three modes — none, prerelease-only, and
all downloads. CheckDownloadGating() intercepts both release
attachment and git archive download handlers.

Support URL (#393): configurable SupportURL field on
UpdateStreamConfig for wiki or external site links.

Changelog XML (#343): ServeChangelogXML endpoint at /changelog.xml
generates Joomla-compatible changelog from release notes. Parses
Keep-a-Changelog markdown sections into <security>, <fix>,
<addition>, <change>, <remove>, <note> XML elements.

API renew (#387): POST /license-keys/{id}/renew endpoint extends
key expiration by package duration.

Closes #384, #385, #386, #387, #389, #390, #392, #393
Refs #343, #346, #347

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-06-01 04:45:20 -05:00
Jonathan Miller e998c494b2 fix: resolve tech-debt batch 7 — dead routes, stale FIXMEs, feed revision
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
PR RC Release / Build RC Release (pull_request) Successful in 20s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details 
- chore: remove stale mustNotBeArchived FIXME (CanEnableEditor no longer exists)
- fix(routes): remove dead /cherry-pick/{sha} route — replaced by /_cherrypick/
- fix(feed): use full ref name instead of ShortName for file feed revision

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-31 13:46:06 -05:00