Merge pull request 'fix(settings): remove duplicate description from manifest' (#559) from fix/manifest-desc-dedup into dev

Description is already managed in repo general settings. The manifest
now reads it from the repository object instead of a separate form field.

.mokogitea/mcp/src/index.ts

@@ -445,9 +445,10 @@ server.tool(
 		assignees: z.array(z.string()).optional().describe('Usernames to assign'),
 		status_id: z.number().optional().describe('Custom status definition ID'),
 		priority_id: z.number().optional().describe('Custom priority definition ID'),
+		type_id: z.number().optional().describe('Custom type definition ID'),
 		...ConnectionParam,
 	},
-	async ({ owner, repo, title, body: issueBody, labels, milestone, assignees, status_id, priority_id, connection }) => {
+	async ({ owner, repo, title, body: issueBody, labels, milestone, assignees, status_id, priority_id, type_id, connection }) => {
 		const c = clientFor(connection);
 
 		// Search for existing issue with same title to prevent duplicates
@@ -483,6 +484,7 @@ server.tool(
 			if (issueData?.id) {
 				if (status_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${issueData.id}/custom-status`, { status_id });
 				if (priority_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${issueData.id}/custom-priority`, { priority_id });
+				if (type_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${issueData.id}/custom-type`, { type_id });
 			}
 			const out = formatResponse(res);
 			out.content[0].text = `Updated existing issue #${existing.number} (duplicate prevented)\n${out.content[0].text}`;
@@ -501,6 +503,7 @@ server.tool(
 		if (newIssue?.id) {
 			if (status_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${newIssue.id}/custom-status`, { status_id });
 			if (priority_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${newIssue.id}/custom-priority`, { priority_id });
+			if (type_id !== undefined) await c.post(`/repos/${owner}/${repo}/issues/${newIssue.id}/custom-type`, { type_id });
 		}
 		return formatResponse(res);
 	},
@@ -2006,6 +2009,52 @@ server.tool(
 	},
 );
 
+// ── Issue Types (org-level) ──────────────────────────────────────────────
+
+server.tool(
+	'gitea_org_issue_types_list',
+	'List custom issue type definitions for an organization',
+	{
+		org: z.string().describe('Organization name'),
+		...ConnectionParam,
+	},
+	async ({ org, connection }) => {
+		const c = clientFor(connection);
+		return formatResponse(await c.get(`/orgs/${org}/issue-types`));
+	},
+);
+
+server.tool(
+	'gitea_issue_set_type',
+	'Set custom type on an issue',
+	{
+		owner: z.string().describe('Repository owner'),
+		repo: z.string().describe('Repository name'),
+		issue_id: z.number().describe('Internal issue ID'),
+		type_id: z.number().describe('Type definition ID (0 to clear)'),
+		...ConnectionParam,
+	},
+	async ({ owner, repo, issue_id, type_id, connection }) => {
+		const c = clientFor(connection);
+		return formatResponse(await c.post(`/repos/${owner}/${repo}/issues/${issue_id}/custom-type`, { type_id }));
+	},
+);
+
+// ── Security ────────────────────────────────────────────────────────────
+
+server.tool(
+	'gitea_security_alerts',
+	'List security alerts for a repository',
+	{
+		...OwnerRepo,
+		...ConnectionParam,
+	},
+	async ({ owner, repo, connection }) => {
+		const c = clientFor(connection);
+		return formatResponse(await c.get(`/repos/${owner}/${repo}/security/alerts`));
+	},
+);
+
 // ── Start Server ────────────────────────────────────────────────────────
 
 async function main(): Promise<void> {

.mokogitea/workflows/npm-publish.yml

@@ -0,0 +1,51 @@
+name: Publish MCP to npm
+on:
+  push:
+    branches: [main]
+    paths:
+      - '.mokogitea/mcp/**'
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install and build
+        working-directory: .mokogitea/mcp
+        run: |
+          npm ci
+          npx tsc
+
+      - name: Check version change
+        id: version
+        working-directory: .mokogitea/mcp
+        run: |
+          LOCAL_VERSION=$(node -p "require('./package.json').version")
+          NPM_VERSION=$(npm view @mokoconsulting/mokogitea-mcp version 2>/dev/null || echo "0.0.0")
+          if [ "$LOCAL_VERSION" != "$NPM_VERSION" ]; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+            echo "Version changed: $NPM_VERSION -> $LOCAL_VERSION"
+          else
+            echo "changed=false" >> $GITHUB_OUTPUT
+            echo "Version unchanged: $LOCAL_VERSION"
+          fi
+
+      - name: Publish to npm
+        if: steps.version.outputs.changed == 'true'
+        working-directory: .mokogitea/mcp
+        run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Publish to Gitea registry
+        if: steps.version.outputs.changed == 'true'
+        working-directory: .mokogitea/mcp
+        run: |
+          npm publish --registry ${{ github.server_url }}/api/packages/${{ github.repository_owner }}/npm/ \
+            --//$(echo "${{ github.server_url }}" | sed 's|https://||')/api/packages/${{ github.repository_owner }}/npm/:_authToken=${{ secrets.GITEA_TOKEN }}

CHANGELOG.md

@@ -3,6 +3,46 @@
 All notable changes to MokoGitea are documented here. Versions follow the format
 `v{upstream}-moko.{major}.{minor}` (e.g. `v1.26.1-moko.06.03`).
 
+## [v1.26.1-moko.06.10] - 2026-06-06
+
+* FEATURES
+  * feat(issues): first-class Type field with 12 auto-seeded defaults (Bug, Feature, Enhancement, Task, Documentation, Security, Roadmap, Client, Dolibarr, Infrastructure, Joomla, WaaS)
+  * feat(issues): first-class Status field with 13 auto-seeded defaults including 7 Pending states
+  * feat(issues): first-class Priority field with 4 auto-seeded defaults (Critical, High, Medium, Low)
+  * feat(issues): Type/Status/Priority colored badges in issue list view
+  * feat(issues): status dropdown replaces close/reopen button in comment form
+  * feat(security): built-in security scanning platform with secret scanner (15 patterns)
+  * feat(security): Security tab in repo navigation with alerts, scan controls
+  * feat(wiki): hierarchical folder navigation with sidebar tree and breadcrumbs
+  * feat(ui): well-known file tabs (README/LICENSE/CONTRIBUTING/SECURITY/CHANGELOG)
+  * feat(settings): repo manifest settings with REST API and auto-sync on push
+  * feat(mcp): public MCP server published to npm (@mokoconsulting/mokogitea-mcp)
+  * feat(mcp): SSE transport, env var config, Docker support, 120+ tools
+  * feat(mcp): issue dedup on create, type_id/status_id/priority_id params
+
+* MIGRATIONS
+  * All org labels migrated to first-class Type/Status/Priority fields and deleted
+  * Type custom field (id=9) migrated to type_id and deleted
+  * Status custom field (id=1) deleted (replaced by first-class field)
+  * Priority labels migrated to priority_id
+  * Pending labels migrated to status definitions
+  * Scope labels migrated to type definitions
+  * Manifests populated for all 61 repos via API
+
+* FIXES
+  * fix(ui): dashboard issue count badges use label spans instead of strong tags
+  * fix(wiki): directory check before raw redirect for folder navigation
+  * fix(wiki): proper display names in sidebar tree (strip dash markers)
+  * fix: replace non-ASCII em dashes with hyphens for hook compatibility
+  * fix: hookify __init__.py for stop hook JSON validation
+
+* INFRASTRUCTURE
+  * npm: @mokoconsulting/mokogitea-mcp@1.1.0 and @mokoconsulting/mokowaas-mcp@1.0.0
+  * MCP servers consolidated under moko-platform/mcp/servers/
+  * Remote MCP repos renamed to hyphens
+  * Wiki restructured into features/, api/, operations/ folders
+  * Swagger API docs enabled at /api/swagger
+
 ## [v1.26.1-moko.06.04] - 2026-06-06
 
 * FEATURES

models/issues/issue.go

@@ -80,6 +80,8 @@ type Issue struct {
 	Status            *IssueStatusDef  `xorm:"-"`
 	PriorityID        int64             `xorm:"INDEX NOT NULL DEFAULT 0 'priority_id'"`
 	PriorityDef       *IssuePriorityDef `xorm:"-"`
+	TypeID            int64             `xorm:"INDEX NOT NULL DEFAULT 0 'type_id'"`
+	TypeDef           *IssueTypeDef     `xorm:"-"`
 	IsRead            bool             `xorm:"-"`
 	IsPull            bool             `xorm:"INDEX"` // Indicates whether is a pull request or not.
 	PullRequest       *PullRequest     `xorm:"-"`

models/issues/issue_type.go

@@ -0,0 +1,114 @@
+// Copyright 2026 Moko Consulting <hello@mokoconsulting.tech>
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+package issues
+
+import (
+	"context"
+
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
+)
+
+func init() {
+	db.RegisterModel(new(IssueTypeDef))
+}
+
+// IssueTypeDef defines a custom issue type at the org level.
+type IssueTypeDef struct {
+	ID          int64              `xorm:"pk autoincr"`
+	OrgID       int64              `xorm:"INDEX NOT NULL DEFAULT 0 'org_id'"`
+	Name        string             `xorm:"NOT NULL"`
+	Color       string             `xorm:"VARCHAR(7)"`
+	Description string             `xorm:"TEXT"`
+	SortOrder   int                `xorm:"NOT NULL DEFAULT 0 'sort_order'"`
+	IsDefault   bool               `xorm:"NOT NULL DEFAULT false 'is_default'"`
+	IsActive    bool               `xorm:"NOT NULL DEFAULT true 'is_active'"`
+	CreatedUnix timeutil.TimeStamp `xorm:"INDEX CREATED 'created_unix'"`
+	UpdatedUnix timeutil.TimeStamp `xorm:"UPDATED 'updated_unix'"`
+}
+
+func (IssueTypeDef) TableName() string {
+	return "issue_type_def"
+}
+
+// GetIssueTypeDefsByOrg returns active type definitions for an org.
+// Auto-seeds defaults if none exist.
+func GetIssueTypeDefsByOrg(ctx context.Context, orgID int64) ([]*IssueTypeDef, error) {
+	defs := make([]*IssueTypeDef, 0, 10)
+	if err := db.GetEngine(ctx).
+		Where("org_id = ? AND is_active = ?", orgID, true).
+		OrderBy("sort_order ASC, id ASC").
+		Find(&defs); err != nil {
+		return nil, err
+	}
+	if len(defs) == 0 && orgID > 0 {
+		if err := seedDefaultIssueTypes(ctx, orgID); err != nil {
+			return defs, nil
+		}
+		return GetIssueTypeDefsByOrg(ctx, orgID)
+	}
+	return defs, nil
+}
+
+// GetAllIssueTypeDefsByOrg returns all type definitions (including inactive).
+func GetAllIssueTypeDefsByOrg(ctx context.Context, orgID int64) ([]*IssueTypeDef, error) {
+	defs := make([]*IssueTypeDef, 0, 10)
+	return defs, db.GetEngine(ctx).
+		Where("org_id = ?", orgID).
+		OrderBy("sort_order ASC, id ASC").
+		Find(&defs)
+}
+
+// GetIssueTypeDefByID returns a single type definition.
+func GetIssueTypeDefByID(ctx context.Context, id int64) (*IssueTypeDef, error) {
+	def := new(IssueTypeDef)
+	has, err := db.GetEngine(ctx).ID(id).Get(def)
+	if err != nil {
+		return nil, err
+	}
+	if !has {
+		return nil, db.ErrNotExist{Resource: "IssueTypeDef", ID: id}
+	}
+	return def, nil
+}
+
+func CreateIssueTypeDef(ctx context.Context, def *IssueTypeDef) error {
+	_, err := db.GetEngine(ctx).Insert(def)
+	return err
+}
+
+func UpdateIssueTypeDef(ctx context.Context, def *IssueTypeDef) error {
+	_, err := db.GetEngine(ctx).ID(def.ID).AllCols().Update(def)
+	return err
+}
+
+func DeleteIssueTypeDef(ctx context.Context, id int64) error {
+	if _, err := db.GetEngine(ctx).Exec("UPDATE issue SET type_id = 0 WHERE type_id = ?", id); err != nil {
+		return err
+	}
+	_, err := db.GetEngine(ctx).ID(id).Delete(new(IssueTypeDef))
+	return err
+}
+
+func SetIssueTypeID(ctx context.Context, issueID, typeID int64) error {
+	_, err := db.GetEngine(ctx).Exec("UPDATE issue SET type_id = ? WHERE id = ?", typeID, issueID)
+	return err
+}
+
+func seedDefaultIssueTypes(ctx context.Context, orgID int64) error {
+	defaults := []*IssueTypeDef{
+		{OrgID: orgID, Name: "Bug", Color: "#dc2626", SortOrder: 1, IsActive: true},
+		{OrgID: orgID, Name: "Feature", Color: "#2563eb", SortOrder: 2, IsDefault: true, IsActive: true},
+		{OrgID: orgID, Name: "Enhancement", Color: "#16a34a", SortOrder: 3, IsActive: true},
+		{OrgID: orgID, Name: "Task", Color: "#6b7280", SortOrder: 4, IsActive: true},
+		{OrgID: orgID, Name: "Documentation", Color: "#8b5cf6", SortOrder: 5, IsActive: true},
+		{OrgID: orgID, Name: "Security", Color: "#e11d48", SortOrder: 6, IsActive: true},
+	}
+	for _, d := range defaults {
+		if _, err := db.GetEngine(ctx).Insert(d); err != nil {
+			return err
+		}
+	}
+	return nil
+}

models/migrations/migrations.go

@@ -427,6 +427,7 @@ func prepareMigrationTasks() []*migration {
 		newMigration(347, "Add repo manifest table", v1_27.AddRepoManifestTable),
 		newMigration(348, "Add issue priority definitions table", v1_27.AddIssuePriorityDefTable),
 		newMigration(349, "Add security scanning tables", v1_27.AddSecurityScanningTables),
+		newMigration(350, "Add issue type definitions table", v1_27.AddIssueTypeDefTable),
 	}
 	return preparedMigrations
 }

models/migrations/v1_27/v351.go

@@ -0,0 +1,29 @@
+// Copyright 2026 Moko Consulting <hello@mokoconsulting.tech>
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+package v1_27
+
+import "xorm.io/xorm"
+
+// AddIssueTypeDefTable creates the issue_type_def table and adds type_id to issues.
+func AddIssueTypeDefTable(x *xorm.Engine) error {
+	type IssueTypeDef struct {
+		ID          int64  `xorm:"pk autoincr"`
+		OrgID       int64  `xorm:"INDEX NOT NULL DEFAULT 0 'org_id'"`
+		Name        string `xorm:"NOT NULL"`
+		Color       string `xorm:"VARCHAR(7)"`
+		Description string `xorm:"TEXT"`
+		SortOrder   int    `xorm:"NOT NULL DEFAULT 0 'sort_order'"`
+		IsDefault   bool   `xorm:"NOT NULL DEFAULT false 'is_default'"`
+		IsActive    bool   `xorm:"NOT NULL DEFAULT true 'is_active'"`
+		CreatedUnix int64  `xorm:"INDEX CREATED 'created_unix'"`
+		UpdatedUnix int64  `xorm:"UPDATED 'updated_unix'"`
+	}
+	if err := x.Sync(new(IssueTypeDef)); err != nil {
+		return err
+	}
+	type Issue struct {
+		TypeID int64 `xorm:"INDEX NOT NULL DEFAULT 0 'type_id'"`
+	}
+	return x.Sync(new(Issue))
+}

options/locale/locale_en-US.json

@@ -1584,6 +1584,7 @@
   "repo.issues.save": "Save",
   "repo.issues.status": "Status",
   "repo.issues.priority": "Priority",
+  "repo.issues.type": "Type",
   "repo.issues.label_title": "Name",
   "repo.issues.label_description": "Description",
   "repo.issues.label_color": "Color",
@@ -2991,6 +2992,18 @@
   "org.settings.issue_priority_created": "Issue priority created.",
   "org.settings.issue_priority_updated": "Issue priority updated.",
   "org.settings.issue_priority_deleted": "Issue priority deleted.",
+  "org.settings.issue_types": "Issue Types",
+  "org.settings.issue_types_desc": "Define issue types for all repositories in this organization.",
+  "org.settings.issue_types_empty": "No custom issue types defined yet.",
+  "org.settings.issue_type_add": "Add Type",
+  "org.settings.issue_type_name": "Type Name",
+  "org.settings.issue_type_color": "Color",
+  "org.settings.issue_type_description": "Description",
+  "org.settings.issue_type_default": "Default",
+  "org.settings.issue_type_sort_order": "Sort Order",
+  "org.settings.issue_type_created": "Issue type created.",
+  "org.settings.issue_type_updated": "Issue type updated.",
+  "org.settings.issue_type_deleted": "Issue type deleted.",
   "org.settings.update_streams": "Update Server",
   "org.settings.licensing": "Update Server",
   "org.settings.licensing_desc": "Manage update feeds and optional license key gating across all repositories in this organization.",

routers/web/org/issue_types.go

@@ -0,0 +1,98 @@
+// Copyright 2026 Moko Consulting <hello@mokoconsulting.tech>
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+package org
+
+import (
+	"net/http"
+	"strconv"
+
+	issues_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/issues"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/templates"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/context"
+)
+
+const tplOrgIssueTypes templates.TplName = "org/settings/issue_types"
+
+func SettingsIssueTypes(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("org.settings.issue_types")
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsIssueTypes"] = true
+
+	defs, err := issues_model.GetAllIssueTypeDefsByOrg(ctx, ctx.Org.Organization.ID)
+	if err != nil {
+		ctx.ServerError("GetAllIssueTypeDefsByOrg", err)
+		return
+	}
+	ctx.Data["IssueTypes"] = defs
+	ctx.HTML(http.StatusOK, tplOrgIssueTypes)
+}
+
+func SettingsIssueTypesCreatePost(ctx *context.Context) {
+	sortOrder, _ := strconv.Atoi(ctx.FormString("sort_order"))
+	def := &issues_model.IssueTypeDef{
+		OrgID:       ctx.Org.Organization.ID,
+		Name:        ctx.FormString("name"),
+		Color:       ctx.FormString("color"),
+		Description: ctx.FormString("description"),
+		SortOrder:   sortOrder,
+		IsDefault:   ctx.FormString("is_default") == "on",
+		IsActive:    true,
+	}
+	if def.Name == "" {
+		ctx.Flash.Error("Type name is required")
+		ctx.Redirect(ctx.Org.OrgLink + "/settings/issue-types")
+		return
+	}
+	if err := issues_model.CreateIssueTypeDef(ctx, def); err != nil {
+		ctx.ServerError("CreateIssueTypeDef", err)
+		return
+	}
+	ctx.Flash.Success(ctx.Tr("org.settings.issue_type_created"))
+	ctx.Redirect(ctx.Org.OrgLink + "/settings/issue-types")
+}
+
+func SettingsIssueTypesEditPost(ctx *context.Context) {
+	id := ctx.PathParamInt64("id")
+	def, err := issues_model.GetIssueTypeDefByID(ctx, id)
+	if err != nil {
+		ctx.ServerError("GetIssueTypeDefByID", err)
+		return
+	}
+	if def.OrgID != ctx.Org.Organization.ID {
+		ctx.NotFound(nil)
+		return
+	}
+	def.Name = ctx.FormString("name")
+	def.Color = ctx.FormString("color")
+	def.Description = ctx.FormString("description")
+	def.IsDefault = ctx.FormString("is_default") == "on"
+	def.IsActive = ctx.FormString("is_active") == "on"
+	sortOrder, _ := strconv.Atoi(ctx.FormString("sort_order"))
+	def.SortOrder = sortOrder
+	if err := issues_model.UpdateIssueTypeDef(ctx, def); err != nil {
+		ctx.ServerError("UpdateIssueTypeDef", err)
+		return
+	}
+	ctx.Flash.Success(ctx.Tr("org.settings.issue_type_updated"))
+	ctx.Redirect(ctx.Org.OrgLink + "/settings/issue-types")
+}
+
+func SettingsIssueTypesDeletePost(ctx *context.Context) {
+	id := ctx.PathParamInt64("id")
+	def, err := issues_model.GetIssueTypeDefByID(ctx, id)
+	if err != nil {
+		ctx.ServerError("GetIssueTypeDefByID", err)
+		return
+	}
+	if def.OrgID != ctx.Org.Organization.ID {
+		ctx.NotFound(nil)
+		return
+	}
+	if err := issues_model.DeleteIssueTypeDef(ctx, id); err != nil {
+		ctx.ServerError("DeleteIssueTypeDef", err)
+		return
+	}
+	ctx.Flash.Success(ctx.Tr("org.settings.issue_type_deleted"))
+	ctx.Redirect(ctx.Org.OrgLink + "/settings/issue-types")
+}

routers/web/repo/issue_custom_type.go

@@ -0,0 +1,43 @@
+// Copyright 2026 Moko Consulting <hello@mokoconsulting.tech>
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+package repo
+
+import (
+	"fmt"
+	"net/http"
+
+	issues_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/issues"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/context"
+)
+
+// UpdateIssueCustomType handles POST to set a custom type on an issue.
+func UpdateIssueCustomType(ctx *context.Context) {
+	issueID := ctx.PathParamInt64("id")
+	typeID := ctx.FormInt64("type_id")
+
+	issue, err := issues_model.GetIssueByID(ctx, issueID)
+	if err != nil {
+		ctx.ServerError("GetIssueByID", err)
+		return
+	}
+
+	if typeID > 0 {
+		typeDef, err := issues_model.GetIssueTypeDefByID(ctx, typeID)
+		if err != nil {
+			ctx.ServerError("GetIssueTypeDefByID", err)
+			return
+		}
+		if typeDef.OrgID != ctx.Repo.Repository.OwnerID {
+			ctx.NotFound(nil)
+			return
+		}
+	}
+
+	if err := issues_model.SetIssueTypeID(ctx, issueID, typeID); err != nil {
+		ctx.ServerError("SetIssueTypeID", err)
+		return
+	}
+
+	ctx.Redirect(fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index), http.StatusSeeOther)
+}

routers/web/repo/issue_list.go

@@ -536,6 +536,14 @@ func prepareIssueFilterAndList(ctx *context.Context, milestoneID int64, projectI
 	}
 	ctx.Data["CustomFieldDefs"] = customFieldDefs
 	ctx.Data["CustomFieldFilters"] = customFieldFilters
+
+	// Load first-class field definitions for issue list badges
+	issueStatusDefs, _ := issues_model.GetIssueStatusDefsByOrg(ctx, repo.OwnerID)
+	ctx.Data["IssueStatusDefs"] = issueStatusDefs
+	issuePriorityDefs, _ := issues_model.GetIssuePriorityDefsByOrg(ctx, repo.OwnerID)
+	ctx.Data["IssuePriorityDefs"] = issuePriorityDefs
+	issueTypeDefs, _ := issues_model.GetIssueTypeDefsByOrg(ctx, repo.OwnerID)
+	ctx.Data["IssueTypeDefs"] = issueTypeDefs
 	// Build a query string fragment for cf_ params so they survive pagination/sort changes.
 	cfQuery := make(url.Values)
 	for fieldID, value := range customFieldFilters {

routers/web/repo/issue_view.go

@@ -379,6 +379,13 @@ func ViewIssue(ctx *context.Context) {
 	}
 	ctx.Data["IssuePriorityDefs"] = issuePriorityDefs
 
+	// Load custom issue type definitions for the sidebar.
+	issueTypeDefs, itErr := issues_model.GetIssueTypeDefsByOrg(ctx, ctx.Repo.Repository.OwnerID)
+	if itErr != nil {
+		log.Error("ViewIssue: GetIssueTypeDefsByOrg: %v", itErr)
+	}
+	ctx.Data["IssueTypeDefs"] = issueTypeDefs
+
 	upload.AddUploadContext(ctx, "comment")
 
 	if err := issue.LoadAttributes(ctx); err != nil {

routers/web/repo/setting/manifest.go

@@ -88,7 +88,7 @@ func ManifestSettingsPost(ctx *context.Context) {
 		RepoID:           ctx.Repo.Repository.ID,
 		Name:             ctx.FormString("name"),
 		Org:              ctx.FormString("org"),
-		Description:      ctx.FormString("description"),
+		Description:      ctx.Repo.Repository.Description,
 		Version:          ctx.FormString("version"),
 		LicenseSPDX:      ctx.FormString("license_spdx"),
 		LicenseName:      ctx.FormString("license_name"),

routers/web/web.go

@@ -1079,6 +1079,12 @@ func registerWebRoutes(m *web.Router, webAuth *AuthMiddleware) {
 					m.Post("/{id}/edit", org.SettingsIssuePrioritiesEditPost)
 					m.Post("/{id}/delete", org.SettingsIssuePrioritiesDeletePost)
 				})
+				m.Group("/issue-types", func() {
+					m.Get("", org.SettingsIssueTypes)
+					m.Post("", org.SettingsIssueTypesCreatePost)
+					m.Post("/{id}/edit", org.SettingsIssueTypesEditPost)
+					m.Post("/{id}/delete", org.SettingsIssueTypesDeletePost)
+				})
 			}, ctxDataSet("EnableOAuth2", setting.OAuth2.Enabled, "EnablePackages", setting.Packages.Enabled, "PageIsOrgSettings", true))
 		}, context.OrgAssignment(context.OrgAssignmentOptions{RequireOwner: true}))
 	}, reqSignIn)
@@ -1419,6 +1425,7 @@ func registerWebRoutes(m *web.Router, webAuth *AuthMiddleware) {
 			m.Post("/{id}/custom-fields/{field_id}", reqRepoIssuesOrPullsWriter, repo.UpdateIssueCustomField)
 			m.Post("/{id}/custom-status", reqRepoIssuesOrPullsWriter, repo.UpdateIssueCustomStatus)
 			m.Post("/{id}/custom-priority", reqRepoIssuesOrPullsWriter, repo.UpdateIssueCustomPriority)
+			m.Post("/{id}/custom-type", reqRepoIssuesOrPullsWriter, repo.UpdateIssueCustomType)
 			m.Post("/delete", reqRepoAdmin, repo.BatchDeleteIssues)
 			m.Delete("/unpin/{index}", reqRepoAdmin, repo.IssueUnpin)
 			m.Post("/move_pin", reqRepoAdmin, repo.IssuePinMove)

services/context/context_response.go

@@ -16,8 +16,11 @@ import (
 	"syscall"
 	"time"
 
+	auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
 	user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/httplib"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
@@ -166,6 +169,18 @@ func (ctx *Context) notFoundInternal(logMsg string, logErr error) {
 	ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
 	ctx.Data["Title"] = "Page Not Found"
 	ctx.Data["ErrorMsg"] = "" // FIXME: the template never renders this message, need to fix in the future (and show safe messages to end users)
+	ctx.Data["CurrentURL"] = ctx.Req.URL.RequestURI()
+
+	// Load OAuth2 providers for the login form on error pages
+	if !ctx.IsSigned {
+		oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
+		if err != nil {
+			log.Error("NotFound: GetOAuth2Providers: %v", err)
+		}
+		ctx.Data["OAuth2Providers"] = oauth2Providers
+		ctx.Data["EnableSSPI"] = auth_model.IsSSPIEnabled(ctx)
+	}
+
 	ctx.HTML(http.StatusNotFound, "status/404")
 }
 
@@ -187,6 +202,17 @@ func (ctx *Context) Forbidden() {
 	ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
 	ctx.Data["Title"] = "Access Denied"
 	ctx.Data["CurrentURL"] = ctx.Req.URL.RequestURI()
+
+	// Load OAuth2 providers for the login form on the 403 page
+	if !ctx.IsSigned {
+		oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
+		if err != nil {
+			log.Error("Forbidden: GetOAuth2Providers: %v", err)
+		}
+		ctx.Data["OAuth2Providers"] = oauth2Providers
+		ctx.Data["EnableSSPI"] = auth_model.IsSSPIEnabled(ctx)
+	}
+
 	ctx.HTML(http.StatusForbidden, "status/403")
 }
 

templates/org/settings/issue_types.tmpl

@@ -0,0 +1,81 @@
+{{template "org/settings/layout_head" (dict "ctxData" . "pageClass" "organization settings issue-types")}}
+<h4 class="ui top attached header">
+	{{ctx.Locale.Tr "org.settings.issue_types"}}
+</h4>
+<div class="ui attached segment">
+	<p class="text grey">{{ctx.Locale.Tr "org.settings.issue_types_desc"}}</p>
+
+	{{if .IssueTypes}}
+	<table class="ui compact table">
+		<thead>
+			<tr>
+				<th>{{ctx.Locale.Tr "org.settings.issue_type_color"}}</th>
+				<th>{{ctx.Locale.Tr "org.settings.issue_type_name"}}</th>
+				<th>{{ctx.Locale.Tr "org.settings.issue_type_default"}}</th>
+				<th>{{ctx.Locale.Tr "org.settings.issue_type_sort_order"}}</th>
+				<th></th>
+			</tr>
+		</thead>
+		<tbody>
+			{{range .IssueTypes}}
+			<tr {{if not .IsActive}}class="tw-opacity-50"{{end}}>
+				<td>
+					{{if .Color}}<span class="tw-inline-block tw-w-4 tw-h-4 tw-rounded" style="background-color: {{.Color}}"></span>{{else}}<span class="text grey">-</span>{{end}}
+				</td>
+				<td>
+					<strong>{{.Name}}</strong>
+					{{if not .IsActive}}<span class="ui mini grey label">Inactive</span>{{end}}
+					{{if .Description}}<br><small class="text grey">{{.Description}}</small>{{end}}
+				</td>
+				<td>
+					{{if .IsDefault}}<span class="ui mini blue label">{{ctx.Locale.Tr "org.settings.issue_type_default"}}</span>{{else}}<span class="text grey">-</span>{{end}}
+				</td>
+				<td>{{.SortOrder}}</td>
+				<td class="tw-text-right">
+					<form method="post" action="{{$.OrgLink}}/settings/issue-types/{{.ID}}/delete" class="tw-inline">
+						{{$.CsrfTokenHtml}}
+						<button class="ui tiny red icon button" type="submit" title="{{ctx.Locale.Tr "remove"}}">{{svg "octicon-trash" 14}}</button>
+					</form>
+				</td>
+			</tr>
+			{{end}}
+		</tbody>
+	</table>
+	{{else}}
+	<div class="empty-placeholder"><p>{{ctx.Locale.Tr "org.settings.issue_types_empty"}}</p></div>
+	{{end}}
+
+	<div class="divider"></div>
+	<h5>{{ctx.Locale.Tr "org.settings.issue_type_add"}}</h5>
+	<form class="ui form" method="post" action="{{.OrgLink}}/settings/issue-types">
+		{{.CsrfTokenHtml}}
+		<div class="three fields">
+			<div class="required field">
+				<label>{{ctx.Locale.Tr "org.settings.issue_type_name"}}</label>
+				<input name="name" required placeholder="e.g. Bug, Feature, Task">
+			</div>
+			<div class="field">
+				<label>{{ctx.Locale.Tr "org.settings.issue_type_color"}}</label>
+				<input name="color" type="color" value="#2563eb">
+			</div>
+			<div class="field">
+				<label>{{ctx.Locale.Tr "org.settings.issue_type_sort_order"}}</label>
+				<input name="sort_order" type="number" value="0" min="0">
+			</div>
+		</div>
+		<div class="two fields">
+			<div class="field">
+				<label>{{ctx.Locale.Tr "org.settings.issue_type_description"}}</label>
+				<input name="description" placeholder="Help text">
+			</div>
+			<div class="field">
+				<div class="ui checkbox tw-mt-4">
+					<input name="is_default" type="checkbox">
+					<label>{{ctx.Locale.Tr "org.settings.issue_type_default"}}</label>
+				</div>
+			</div>
+		</div>
+		<button class="ui primary button" type="submit">{{ctx.Locale.Tr "org.settings.issue_type_add"}}</button>
+	</form>
+</div>
+{{template "org/settings/layout_footer" .}}

templates/org/settings/navbar.tmpl

@@ -37,6 +37,9 @@
 		<a class="{{if .PageIsSettingsIssuePriorities}}active {{end}}item" href="{{.OrgLink}}/settings/issue-priorities">
 			{{svg "octicon-flame"}} {{ctx.Locale.Tr "org.settings.issue_priorities"}}
 		</a>
+		<a class="{{if .PageIsSettingsIssueTypes}}active {{end}}item" href="{{.OrgLink}}/settings/issue-types">
+			{{svg "octicon-tag"}} {{ctx.Locale.Tr "org.settings.issue_types"}}
+		</a>
 		{{if .EnableActions}}
 		<details class="item toggleable-item" {{if or .PageIsOrgSettingsActionsGeneral .PageIsSharedSettingsRunners .PageIsSharedSettingsSecrets .PageIsSharedSettingsVariables}}open{{end}}>
 			<summary>{{svg "octicon-play"}} {{ctx.Locale.Tr "actions.actions"}}</summary>

templates/repo/issue/sidebar/issue_type.tmpl

@@ -0,0 +1,33 @@
+{{if .IssueTypeDefs}}
+<div class="divider"></div>
+<div class="tw-flex tw-items-center tw-justify-between tw-gap-2">
+	<span class="text grey tw-text-sm">{{ctx.Locale.Tr "repo.issues.type"}}</span>
+	{{$canModify := and .FieldEditFlags .FieldEditFlags.CustomFields}}
+	{{if $canModify}}
+		<form method="post" action="{{.RepoLink}}/issues/{{.Issue.ID}}/custom-type" class="tw-inline">
+			{{$.CsrfTokenHtml}}
+			<select name="type_id" class="ui compact mini dropdown tw-max-w-48" onchange="this.form.submit()">
+				<option value="0">-</option>
+				{{range .IssueTypeDefs}}
+					<option value="{{.ID}}" {{if eq .ID $.Issue.TypeID}}selected{{end}}
+						{{if .Color}}style="border-left: 3px solid {{.Color}}"{{end}}>
+						{{.Name}}
+					</option>
+				{{end}}
+			</select>
+		</form>
+	{{else}}
+		{{$found := false}}
+		{{range .IssueTypeDefs}}
+			{{if eq .ID $.Issue.TypeID}}
+				{{if .Color}}<span class="tw-inline-block tw-w-3 tw-h-3 tw-rounded" style="background-color: {{.Color}}"></span>{{end}}
+				<span class="tw-text-sm">{{.Name}}</span>
+				{{$found = true}}
+			{{end}}
+		{{end}}
+		{{if not $found}}
+			<span class="tw-text-sm text grey">-</span>
+		{{end}}
+	{{end}}
+</div>
+{{end}}

templates/repo/issue/view_content/sidebar.tmpl

@@ -9,6 +9,8 @@
 
 	{{template "repo/issue/sidebar/issue_priority" $}}
 
+	{{template "repo/issue/sidebar/issue_type" $}}
+
 	{{template "repo/issue/sidebar/custom_fields" $}}
 
 	{{template "repo/issue/sidebar/milestone_list" $.IssuePageMetaData}}

templates/repo/settings/manifest.tmpl

@@ -19,10 +19,6 @@
 				<input name="org" value="{{.Manifest.Org}}" placeholder="Organization">
 			</div>
 		</div>
-		<div class="field">
-			<label>{{ctx.Locale.Tr "repo.settings.manifest_description"}}</label>
-			<input name="description" value="{{.Manifest.Description}}" placeholder="Project description">
-		</div>
 		<div class="three fields">
 			<div class="field">
 				<label>{{ctx.Locale.Tr "repo.settings.manifest_version"}}</label>

templates/shared/issuelist.tmpl

@@ -26,6 +26,9 @@
 							{{range .Labels}}
 								<a href="?q={{$.Keyword}}&type={{$.ViewType}}&state={{$.State}}&labels={{.ID}}{{if ne $.listType "milestone"}}&milestone={{$.MilestoneID}}{{end}}&assignee={{$.AssigneeID}}&poster={{$.PosterID}}{{if $.ShowArchivedLabels}}&archived=true{{end}}">{{ctx.RenderUtils.RenderLabel .}}</a>
 							{{end}}
+							{{if and .TypeID $.IssueTypeDefs}}{{range $.IssueTypeDefs}}{{if eq .ID $.TypeID}}<span class="ui mini label" {{if .Color}}style="background-color: {{.Color}}; color: white"{{end}}>{{.Name}}</span>{{end}}{{end}}{{end}}
+							{{if and .PriorityID $.IssuePriorityDefs}}{{range $.IssuePriorityDefs}}{{if eq .ID $.PriorityID}}<span class="ui mini label" {{if .Color}}style="background-color: {{.Color}}; color: white"{{end}}>{{.Name}}</span>{{end}}{{end}}{{end}}
+							{{if and .StatusID $.IssueStatusDefs}}{{range $.IssueStatusDefs}}{{if eq .ID $.StatusID}}<span class="ui mini label" {{if .Color}}style="background-color: {{.Color}}; color: white"{{end}}>{{.Name}}</span>{{end}}{{end}}{{end}}
 						</span>
 					</div>
 					{{if .TotalTrackedTime}}

templates/status/403.tmpl

@@ -23,6 +23,10 @@
 					</div>
 					<button class="ui primary fluid button tw-mt-2" type="submit">{{ctx.Locale.Tr "sign_in"}}</button>
 				</form>
+				{{if or .OAuth2Providers .EnableSSPI}}
+					<div class="divider"></div>
+					{{template "user/auth/external_auth_methods" .}}
+				{{end}}
 			</div>
 			{{end}}
 		</div>

templates/status/404.tmpl

@@ -11,6 +11,27 @@
 					<a class="tw-block tw-my-4" href="{{.NotFoundGoBackURL}}">{{ctx.Locale.Tr "go_back"}}</a>
 				{{end}}
 			</div>
+			{{if not .IsSigned}}
+			<div class="tw-max-w-sm tw-mx-auto tw-mt-4">
+				<form class="ui form" action="{{AppSubUrl}}/user/login" method="post">
+					{{.CsrfTokenHtml}}
+					<input type="hidden" name="redirect_to" value="{{.CurrentURL}}">
+					<div class="required field">
+						<label>{{ctx.Locale.Tr "home.uname_holder"}}</label>
+						<input type="text" name="user_name" required autofocus>
+					</div>
+					<div class="required field">
+						<label>{{ctx.Locale.Tr "password"}}</label>
+						<input type="password" name="password" required>
+					</div>
+					<button class="ui primary fluid button tw-mt-2" type="submit">{{ctx.Locale.Tr "sign_in"}}</button>
+				</form>
+				{{if or .OAuth2Providers .EnableSSPI}}
+					<div class="divider"></div>
+					{{template "user/auth/external_auth_methods" .}}
+				{{end}}
+			</div>
+			{{end}}
 		</div>
 	</div>
 </div>

templates/user/dashboard/issues.tmpl

@@ -9,29 +9,29 @@
 				<div class="ui secondary vertical filter menu tw-bg-transparent">
 					<a class="{{if eq .ViewType "your_repositories"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "your_repositories"}}">
 						{{ctx.Locale.Tr "home.issues.in_your_repos"}}
-						<strong>{{CountFmt .IssueStats.YourRepositoriesCount}}</strong>
+						<span class="ui small label">{{CountFmt .IssueStats.YourRepositoriesCount}}</span>
 					</a>
 					<a class="{{if eq .ViewType "assigned"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "assigned"}}">
 						{{ctx.Locale.Tr "repo.issues.filter_type.assigned_to_you"}}
-						<strong>{{CountFmt .IssueStats.AssignCount}}</strong>
+						<span class="ui small label">{{CountFmt .IssueStats.AssignCount}}</span>
 					</a>
 					<a class="{{if eq .ViewType "created_by"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "created_by"}}">
 						{{ctx.Locale.Tr "repo.issues.filter_type.created_by_you"}}
-						<strong>{{CountFmt .IssueStats.CreateCount}}</strong>
+						<span class="ui small label">{{CountFmt .IssueStats.CreateCount}}</span>
 					</a>
 					{{if .PageIsPulls}}
 						<a class="{{if eq .ViewType "review_requested"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "review_requested"}}">
 							{{ctx.Locale.Tr "repo.issues.filter_type.review_requested"}}
-							<strong>{{CountFmt .IssueStats.ReviewRequestedCount}}</strong>
+							<span class="ui small label">{{CountFmt .IssueStats.ReviewRequestedCount}}</span>
 						</a>
 						<a class="{{if eq .ViewType "reviewed_by"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "reviewed_by"}}">
 							{{ctx.Locale.Tr "repo.issues.filter_type.reviewed_by_you"}}
-							<strong>{{CountFmt .IssueStats.ReviewedCount}}</strong>
+							<span class="ui small label">{{CountFmt .IssueStats.ReviewedCount}}</span>
 						</a>
 					{{end}}
 					<a class="{{if eq .ViewType "mentioned"}}active{{end}} item" href="{{QueryBuild $queryLink "type" "mentioned"}}">
 						{{ctx.Locale.Tr "repo.issues.filter_type.mentioning_you"}}
-						<strong>{{CountFmt .IssueStats.MentionCount}}</strong>
+						<span class="ui small label">{{CountFmt .IssueStats.MentionCount}}</span>
 					</a>
 				</div>
 			</div>

wiki/custom-issue-statuses.md

@@ -28,23 +28,42 @@ Each status has:
 | Sort Order | Controls display order in dropdowns (ascending) |
 | Is Active | Inactive statuses are hidden from dropdowns but preserved on existing issues |
 
-### Example Statuses
+### Default Statuses (auto-seeded)
 
 | Status | Color | Closes Issue | Use Case |
 |--------|-------|:------------:|----------|
 | In Progress | Blue | No | Work is actively being done |
-| Needs Info | Yellow | No | Waiting for more information from reporter |
-| Blocked | Red | No | Cannot proceed due to external dependency |
-| Won't Fix | Gray | Yes | Decided not to address this issue |
-| Duplicate | Purple | Yes | Already tracked in another issue |
-| Resolved | Green | Yes | Fix has been implemented and verified |
+| Needs Info | Yellow | No | Waiting for more information |
+| Blocked | Red | No | Cannot proceed due to dependency |
+| Resolved | Green | Yes | Fix implemented and verified |
+| Won't Fix | Gray | Yes | Decided not to address |
+| Duplicate | Purple | Yes | Already tracked elsewhere |
+| Pending: Design | Lavender | No | Waiting on design work |
+| Pending: Testing | Yellow | No | Waiting for testing |
+| Pending: Review | Green | No | Waiting for code review |
+| Pending: Feedback | Pink | No | Waiting for feedback |
+| Pending: Documentation | Purple | No | Waiting for docs |
+| Pending: Deployment | Blue | No | Ready to deploy |
+| Pending: Dependency | Light Blue | No | Blocked by external dependency |
+
+Statuses are auto-seeded when an org first accesses them. Admins can add, edit, reorder, or deactivate statuses.
+
+## Comment Form Integration
+
+The status dropdown **replaces the close/reopen button** in the comment form footer for issues with org statuses:
+- Open issues show all statuses plus a "Close" option
+- Selecting a status with `closes_issue = true` auto-closes the issue
+- Closed issues show only "Reopen" for non-admin users
+- Admins see the full dropdown on closed issues including "Reopen"
+- PRs still use the standard close/reopen button
+
+## Issue List Badges
+
+Status shows as a colored badge on each issue in the issue list view, alongside Type and Priority badges.
 
 ## Issue Sidebar
 
-When an organization has custom statuses defined, a **Status** dropdown appears in the issue sidebar between labels and custom fields. The dropdown:
-
-- Shows all active status definitions for the repo's organization
-- Auto-submits on change (no save button needed)
+Status also appears as a read-only display in the sidebar (the editable control is in the comment form). The dropdown:
 - Displays a colored left border on each option
 - Shows a power symbol on statuses that close the issue
 - Selecting "—" (empty) clears the status

wiki/home.md

@@ -7,7 +7,7 @@ Moko Consulting's custom fork of [Gitea](https://gitea.com), extending the self-
 | **Language** | Go |
 | **License** | MIT |
 | **Upstream** | Gitea 1.26.1 |
-| **Version** | v1.26.1-moko.06.07.03 |
+| **Version** | v1.26.1-moko.06.11.00 |
 | **Platform** | [Gitea](https://git.mokoconsulting.tech/MokoConsulting/MokoGitea) |
 
 ---
@@ -16,10 +16,13 @@ Moko Consulting's custom fork of [Gitea](https://gitea.com), extending the self-
 
 - **Commercial License System** — Package-based license keys with download gating, domain restriction, key expiry, and payment webhook API
 - **Update Server** — Built-in update feeds for Joomla, WordPress, Dolibarr, Composer, Drupal, PrestaShop, and WHMCS
-- **Custom Issue Statuses** — Org-defined workflow states (In Progress, Blocked, Won't Fix) with auto close/reopen
+- **First-Class Issue Fields** — Type (12 types), Status (13 statuses), Priority (4 levels) as built-in fields with auto-seed defaults, colored badges in issue list, and sidebar dropdowns
+- **Security Scanning** — Built-in security scanner with secret detection (15 patterns), push-time scanning, alert management, and Security tab in repo navigation
 - **Custom Fields** — Org-level field definitions for issues (sidebar) and repos (metadata) with dropdown, text, number, date, checkbox, and URL types
-- **Manifest Settings** — Per-repo identity/governance/build metadata with REST API for CI/CD integration
+- **Manifest Settings** — Per-repo identity/governance/build metadata with REST API and auto-sync on push
+- **Wiki Folders** — Hierarchical folder navigation with sidebar tree, breadcrumbs, and index page fallback
 - **Well-Known File Tabs** — README/LICENSE/CONTRIBUTING/SECURITY/CHANGELOG tabs on repo home page
+- **MCP Server** — 120+ tool MCP server published to npm (@mokoconsulting/mokogitea-mcp) with SSE transport
 - **Org-Level Branch Protection** — Organization-scoped rulesets that cascade to all repos. Supports glob patterns. Full CRUD API
 - **Enterprise Sub-Orgs** — Parent-child organization hierarchy
 - **Three-Level Visibility** — Public (200), Private (403), Hidden (404) for repositories
@@ -39,6 +42,7 @@ Moko Consulting's custom fork of [Gitea](https://gitea.com), extending the self-
 | [Org Branch Protection API](Org-Branch-Protection-API) | Org-level branch protection rulesets and API reference |
 | [Project API](Project-API) | Custom API endpoint reference for project boards |
 | [Roadmap](Roadmap) | Development roadmap and planned features |
+| [features/](features) | Feature documentation folder |
 
 ---
 

wiki/roadmap.md

@@ -1,42 +1,49 @@
 # MokoGitea Roadmap
 
-## Recently Completed (v1.26.1-moko.06.07)
+## Recently Completed (v1.26.1-moko.06.11)
 
+- First-class Type field (12 types) replacing labels and custom fields
+- First-class Status field (13 statuses) with auto close/reopen
+- First-class Priority field (4 levels) with auto-seed defaults
+- All org labels migrated to first-class fields and deleted
+- Type/Status/Priority colored badges in issue list view
+- Security scanning platform with 15 secret detection patterns
+- Security tab in repo navigation (admin-only)
+- Wiki hierarchical folder navigation with sidebar tree
 - Well-known file tabs (README/LICENSE/CONTRIBUTING/SECURITY/CHANGELOG)
-- Custom issue statuses with auto close/reopen
-- Org-level issue priorities (Critical/High/Medium/Low)
-- Repo manifest settings with REST API
-- Manifest auto-sync on push to default branch
-- Status dropdown replaces close button
-- Auto-seed default statuses and priorities for orgs
-- MCP server published to npm (@mokoconsulting/mokogitea-mcp)
-- MCP SSE transport for hosted deployments
+- Repo manifest settings with REST API and auto-sync on push
+- MCP server published to npm (@mokoconsulting/mokogitea-mcp) with SSE transport
+- Dashboard issue count badges fixed
+- Status dropdown replaces close/reopen button
+- Org settings page for Issue Types
+- MCP SSE endpoint hosted at git.mokoconsulting.tech/mcp/
+- npm auto-publish workflow on MCP source changes
+- OAuth providers on 403/404 error pages
+- All stale branches cleaned up (main + dev only)
 
 ## In Progress
 
+- Rename moko-platform to MokoPlatform
 - Granular role-based permissions for all features (#9)
-- Built-in secret scanning (#508)
-- Enterprise Wiki with hierarchical folder navigation (#79)
 - Wire moko-platform CLI to manifest API (#505)
+- Bulk migrate remaining 41 flat wikis to folders
 
 ## Planned
 
 - Standard status presets and cross-org migration (#507)
 - Auto-create default teams on org creation (#513)
 - Update server reads from repo_manifest (#512)
+- Dependency vulnerability scanner module
+- Code security analysis scanner module
 - Payment gateways for license keys (#135)
 - Independent visibility controls for issues/wiki/projects (#133)
-
-## Infrastructure
-
-- MCP SSE endpoint at git.mokoconsulting.tech/mcp
+- MCP SSE endpoint hosted at git.mokoconsulting.tech/mcp
 - Smithery/Claude Code marketplace listing
-- Docker image for MCP server
-- npm auto-publish workflow on release
 
 ---
 
 | Revision | Date | Author | Description |
 |---|---|---|---|
+| 3.0 | 2026-06-06 | Jonathan Miller (@jmiller) | First-class fields, security scanning, wiki folders, MCP release |
 | 2.0 | 2026-06-06 | Jonathan Miller (@jmiller) | Complete rewrite with current features and priorities |
 | 1.0 | 2026-05-09 | Jonathan Miller (@jmiller) | Initial version |