Compare commits

...

11 Commits

Author SHA1 Message Date
jmiller a5dac03e7f feat: add org-governance MCP tools (issue #738 scope B)
Add 19 tools covering the new org-level governance API endpoints under
/orgs/{org}/...: branch protection rulesets, tag protection rules, and the
push-policy, repo-defaults and email-domain-policy singletons.

Input schemas derived from the CreateOrg*/EditOrg* DTOs in
modules/structs/org_*.go. Follows existing gitea_org_* conventions:
required-vs-optional fields, PATCH bodies built only from provided fields,
and reuse of the existing GiteaClient methods.

Tools added:
- gitea_org_branch_protections_list / _get / _create / _edit / _delete
- gitea_org_tag_protections_list / _get / _create / _edit / _delete
- gitea_org_push_policy_get / _edit / _delete
- gitea_org_repo_defaults_get / _edit / _delete
- gitea_org_email_domain_policy_get / _edit / _delete

Claude-Session: https://claude.ai/code/session_01Wsno14cxE49MstXFs9G5KT
2026-07-05 16:03:34 -05:00
Jonathan Miller 6d81b218d7 feat(metadata): add deploy fields, simplify to server-side partial merge
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 6s
MCP: Build & Release / Build, Validate & Release (push) Failing after 12s
MCP: Build & Validate / build (20) (push) Failing after 9s
MCP: Build & Validate / build (22) (push) Failing after 8s
MCP: Tool Inventory / inventory (push) Failing after 22s
MCP: Standards Compliance / Secret Scanning (push) Successful in 5s
MCP: Standards Compliance / License Header Validation (push) Failing after 4s
Publish to npm / publish (push) Failing after 24s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 4s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 5s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 5s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m15s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 5s
MCP: Standards Compliance / README Completeness Check (push) Failing after 6s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 5s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m21s
MCP: Standards Compliance / Line Length Check (push) Failing after 5s
MCP: Standards Compliance / File Naming Standards (push) Successful in 6s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 11s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 8s
MCP: Standards Compliance / File Size Limits (push) Successful in 19s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 24s
MCP: Standards Compliance / Binary File Detection (push) Successful in 24s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 8s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 1m10s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 51s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 5s
MCP: Standards Compliance / Accessibility Check (push) Successful in 3s
MCP: Standards Compliance / Performance Metrics (push) Successful in 5s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 26s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m1s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 11s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 15s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 56s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m28s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m37s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m16s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
- Add 8 deploy fields: deploy_host, deploy_port, deploy_user, deploy_path,
  docker_image, docker_registry, container_name, health_url
- Remove client-side GET+merge — server now handles partial updates natively
- Remove obsolete 'version' field (not in API)
2026-06-23 17:29:44 -05:00
jmiller f645a564d3 chore: sync deploy-manual.yml from Template-Generic [skip ci] 2026-06-23 18:45:52 +00:00
jmiller e97d52b095 chore: remove security-audit.yml -- handled by MokoGitea
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 6s
Publish to npm / publish (push) Failing after 29s
MCP: Standards Compliance / License Header Validation (push) Failing after 5s
MCP: Standards Compliance / Secret Scanning (push) Successful in 13s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 4s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 3s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 5s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 10s
MCP: Standards Compliance / README Completeness Check (push) Failing after 6s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 7s
MCP: Standards Compliance / Line Length Check (push) Failing after 7s
MCP: Standards Compliance / File Naming Standards (push) Successful in 7s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 12s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 5s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 8s
MCP: Standards Compliance / File Size Limits (push) Successful in 5s
MCP: Standards Compliance / Binary File Detection (push) Successful in 6s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m28s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m32s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 59s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m3s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 1m5s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m3s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m1s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 4s
MCP: Standards Compliance / Accessibility Check (push) Successful in 3s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 4s
MCP: Standards Compliance / Performance Metrics (push) Successful in 3s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 58s
MCP: Standards Compliance / Repository Health Check (push) Successful in 57s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 6s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 5s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-06-23 18:06:37 +00:00
jmiller 2a219d92a6 chore: remove deploy-manual.yml -- no longer needed
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 6s
MCP: Standards Compliance / Secret Scanning (push) Successful in 5s
Publish to npm / publish (push) Failing after 30s
MCP: Standards Compliance / License Header Validation (push) Failing after 3s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 4s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 3s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 3s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 3s
MCP: Standards Compliance / README Completeness Check (push) Failing after 4s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 5s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m10s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m9s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 8s
MCP: Standards Compliance / Line Length Check (push) Failing after 7s
MCP: Standards Compliance / File Naming Standards (push) Successful in 6s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 4s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 59s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 49s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 8s
MCP: Standards Compliance / File Size Limits (push) Successful in 4s
MCP: Standards Compliance / Binary File Detection (push) Successful in 4s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 4s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 56s
MCP: Standards Compliance / Performance Metrics (push) Successful in 3s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 7s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 11s
MCP: Standards Compliance / Accessibility Check (push) Successful in 14s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 23s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 11s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m7s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m3s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m11s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m16s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-06-23 18:01:40 +00:00
jmiller a02d9d1db2 chore: remove update-server.yml -- no longer needed
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 6s
Publish to npm / publish (push) Failing after 25s
MCP: Standards Compliance / Secret Scanning (push) Successful in 7s
MCP: Standards Compliance / License Header Validation (push) Failing after 7s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 7s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 6s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 5s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 5s
MCP: Standards Compliance / README Completeness Check (push) Failing after 3s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 4s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m6s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 58s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 5s
MCP: Standards Compliance / File Naming Standards (push) Successful in 4s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 4s
MCP: Standards Compliance / Line Length Check (push) Failing after 5s
MCP: Standards Compliance / File Size Limits (push) Successful in 4s
MCP: Standards Compliance / Binary File Detection (push) Successful in 4s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 8s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 6s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 7s
MCP: Standards Compliance / Accessibility Check (push) Successful in 9s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 1m2s
MCP: Standards Compliance / Performance Metrics (push) Successful in 9s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 1m4s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m2s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m0s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 7s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m6s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m5s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m9s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 10s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-06-23 18:01:40 +00:00
jmiller 47236a454d chore: remove composer-publish.yml -- no longer needed
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 7s
Publish to npm / publish (push) Failing after 24s
MCP: Standards Compliance / Secret Scanning (push) Successful in 5s
MCP: Standards Compliance / License Header Validation (push) Failing after 3s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 3s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 3s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 4s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 4s
MCP: Standards Compliance / README Completeness Check (push) Failing after 6s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 7s
MCP: Standards Compliance / Line Length Check (push) Failing after 8s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 10s
MCP: Standards Compliance / File Naming Standards (push) Successful in 5s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 6s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m4s
MCP: Standards Compliance / Code Complexity Analysis (push) Failing after 5s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 7s
MCP: Standards Compliance / File Size Limits (push) Successful in 4s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
MCP: Standards Compliance / Binary File Detection (push) Successful in 4s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 59s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 4s
MCP: Standards Compliance / Accessibility Check (push) Successful in 6s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 7s
MCP: Standards Compliance / Performance Metrics (push) Successful in 6s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 53s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 18s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m9s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m11s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m10s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m14s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 3m31s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 8s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-06-23 18:01:38 +00:00
Jonathan Miller beda71301d docs: update README with 111 tools, add wiki search + revisions
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 8s
MCP: Standards Compliance / License Header Validation (push) Failing after 5s
MCP: Standards Compliance / Secret Scanning (push) Successful in 6s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 5s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 8s
Publish to npm / publish (push) Failing after 30s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 12s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 8s
MCP: Standards Compliance / README Completeness Check (push) Failing after 7s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 8s
MCP: Standards Compliance / Line Length Check (push) Failing after 7s
MCP: Standards Compliance / File Naming Standards (push) Successful in 7s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 11s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 5s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 6s
MCP: Standards Compliance / File Size Limits (push) Successful in 5s
MCP: Standards Compliance / Binary File Detection (push) Successful in 6s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 59s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m27s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 7s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 9s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 7s
MCP: Standards Compliance / Accessibility Check (push) Successful in 7s
MCP: Standards Compliance / Performance Metrics (push) Successful in 5s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 1m8s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m8s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 2m14s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 9s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 6s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m4s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m3s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m9s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m12s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
2026-06-23 12:33:43 -05:00
Jonathan Miller f24f82d53a feat: add wiki search tool (gitea_wiki_search)
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 8s
MCP: Build & Validate / build (20) (push) Failing after 11s
MCP: Build & Release / Build, Validate & Release (push) Failing after 13s
MCP: Build & Validate / build (22) (push) Failing after 9s
MCP: Tool Inventory / inventory (push) Failing after 6s
MCP: Standards Compliance / License Header Validation (push) Failing after 5s
MCP: Standards Compliance / Secret Scanning (push) Successful in 6s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 6s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 8s
MCP: Standards Compliance / Version Consistency Check (push) Failing after 8s
Publish to npm / publish (push) Failing after 24s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 10s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 7s
MCP: Standards Compliance / README Completeness Check (push) Failing after 7s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 7s
MCP: Standards Compliance / File Naming Standards (push) Successful in 6s
MCP: Standards Compliance / Line Length Check (push) Failing after 7s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 11s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 6s
MCP: Standards Compliance / File Size Limits (push) Successful in 5s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 9s
MCP: Standards Compliance / Binary File Detection (push) Successful in 6s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 4s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m17s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m18s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 4s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 3s
MCP: Standards Compliance / Accessibility Check (push) Successful in 3s
MCP: Standards Compliance / Performance Metrics (push) Successful in 3s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m14s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 1m16s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m4s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m10s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 12s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 5s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m4s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m6s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
New tool for searching wiki page titles and content via GET /wiki/search?q=term
2026-06-23 12:06:57 -05:00
Jonathan Miller b06b990a5d fix(wiki): use correct create endpoint, add page revisions tool
Universal: Changelog Validation / Validate CHANGELOG.md (push) Failing after 7s
MCP: Build & Release / Build, Validate & Release (push) Failing after 14s
MCP: Build & Validate / build (20) (push) Failing after 12s
MCP: Build & Validate / build (22) (push) Failing after 12s
MCP: Tool Inventory / inventory (push) Failing after 9s
MCP: Standards Compliance / Secret Scanning (push) Successful in 5s
MCP: Standards Compliance / Repository Structure Validation (push) Failing after 6s
MCP: Standards Compliance / License Header Validation (push) Failing after 7s
MCP: Standards Compliance / Coding Standards Check (push) Failing after 5s
Publish to npm / publish (push) Failing after 21s
MCP: Standards Compliance / Workflow Configuration Check (push) Failing after 5s
MCP: Standards Compliance / Documentation Quality Check (push) Successful in 6s
MCP: Standards Compliance / README Completeness Check (push) Failing after 6s
MCP: Standards Compliance / Git Repository Hygiene (push) Successful in 7s
MCP: Standards Compliance / Script Integrity Validation (push) Successful in 9s
MCP: Standards Compliance / Line Length Check (push) Failing after 8s
MCP: Standards Compliance / File Naming Standards (push) Successful in 6s
MCP: Standards Compliance / Insecure Code Pattern Detection (push) Successful in 6s
Universal: CodeQL Analysis / Analyze (javascript) (push) Failing after 1m9s
Universal: CodeQL Analysis / Analyze (actions) (push) Failing after 1m13s
MCP: Standards Compliance / File Size Limits (push) Successful in 5s
MCP: Standards Compliance / Dead Code Detection (push) Successful in 11s
MCP: Standards Compliance / Binary File Detection (push) Successful in 5s
MCP: Standards Compliance / TODO/FIXME Tracking (push) Successful in 3s
MCP: Standards Compliance / Version Consistency Check (push) Successful in 1m2s
MCP: Standards Compliance / Broken Link Detection (push) Successful in 4s
MCP: Standards Compliance / API Documentation Coverage (push) Successful in 6s
MCP: Standards Compliance / Accessibility Check (push) Successful in 6s
MCP: Standards Compliance / Performance Metrics (push) Successful in 6s
MCP: Standards Compliance / Code Complexity Analysis (push) Successful in 57s
MCP: Standards Compliance / Code Duplication Detection (push) Successful in 1m3s
MCP: Standards Compliance / Terraform Configuration Validation (push) Successful in 12s
Universal: Sync Version on Merge / Propagate README version (push) Failing after 6s
MCP: Standards Compliance / Unused Dependencies Check (push) Successful in 1m8s
MCP: Standards Compliance / Dependency Vulnerability Scanning (push) Successful in 1m14s
MCP: Standards Compliance / Repository Health Check (push) Successful in 1m9s
MCP: Standards Compliance / Enterprise Readiness Check (push) Successful in 1m19s
Universal: CodeQL Analysis / Security Scan Summary (push) Has been cancelled
MCP: Standards Compliance / Compliance Summary (push) Has been cancelled
- Fix wiki_page_create: POST /wiki/new instead of /wiki/pages (405 error)
- Add gitea_wiki_page_revisions tool for listing page revision history
2026-06-23 10:52:56 -05:00
jmiller bf47ae67f9 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-06-22 00:34:48 +00:00
6 changed files with 333 additions and 490 deletions
+9
View File
@@ -30,6 +30,15 @@ on:
types: [opened, closed]
branches:
- main
paths-ignore:
- '.mokogitea/workflows/**'
- '*.md'
- 'wiki/**'
- '.editorconfig'
- '.gitignore'
- '.gitattributes'
- '.gitmessage'
- 'LICENSE'
workflow_dispatch:
inputs:
action:
-76
View File
@@ -1,76 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
name: "Publish to Composer"
on:
push:
tags:
- 'v*'
- '[0-9]*.[0-9]*.[0-9]*'
release:
types: [published]
workflow_dispatch:
env:
GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
jobs:
publish:
name: Publish Package
runs-on: ubuntu-latest
if: >-
!contains(github.event.head_commit.message, '[skip ci]') &&
!contains(github.event.head_commit.message, '[skip publish]')
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup PHP
run: |
if ! command -v php &> /dev/null; then
sudo apt-get update -qq
sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer >/dev/null 2>&1
fi
- name: Install dependencies
run: composer install --no-dev --no-interaction --prefer-dist --quiet
- name: Determine version
id: version
run: |
VERSION=$(php -r "echo json_decode(file_get_contents('composer.json'))->version;")
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
echo "Package version: ${VERSION}"
# Gitea Composer Registry — auto-publishes from tags
# The tag push itself registers the package at:
# https://git.mokoconsulting.tech/api/packages/MokoConsulting/composer
- name: Verify Gitea registry
run: |
echo "Gitea Composer registry auto-publishes from tags."
echo "Package available at: ${GITEA_URL}/api/packages/MokoConsulting/composer"
echo "Install: composer require mokoconsulting/mokocli"
# Packagist — notify of new version
- name: Notify Packagist
if: secrets.PACKAGIST_TOKEN != ''
run: |
VERSION="${{ steps.version.outputs.version }}"
echo "Notifying Packagist of version ${VERSION}..."
curl -sf -X POST \
-H "Content-Type: application/json" \
-d '{"repository":{"url":"https://git.mokoconsulting.tech/MokoConsulting/mokocli"}}' \
"https://packagist.org/api/update-package?username=mokoconsulting&apiToken=${{ secrets.PACKAGIST_TOKEN }}" \
&& echo "Packagist notified" \
|| echo "::warning::Packagist notification failed (package may not be registered yet)"
- name: Summary
run: |
VERSION="${{ steps.version.outputs.version }}"
echo "## Composer Package Published" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Registry | Status |" >> $GITHUB_STEP_SUMMARY
echo "|----------|--------|" >> $GITHUB_STEP_SUMMARY
echo "| Gitea | \`composer require mokoconsulting/mokocli:${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Packagist | \`composer require mokoconsulting/mokocli\` |" >> $GITHUB_STEP_SUMMARY
-82
View File
@@ -1,82 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: MokoStandards.Security
# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
# PATH: /.gitea/workflows/security-audit.yml
# VERSION: 01.00.00
# BRIEF: Dependency vulnerability scanning for composer and npm packages
name: "Universal: Security Audit"
on:
schedule:
- cron: '0 6 * * 1' # Weekly on Monday at 06:00 UTC
pull_request:
branches:
- main
paths:
- 'composer.json'
- 'composer.lock'
- 'package.json'
- 'package-lock.json'
workflow_dispatch:
permissions:
contents: read
env:
NTFY_URL: ${{ vars.NTFY_URL || 'https://ntfy.mokoconsulting.tech' }}
NTFY_TOPIC: ${{ vars.NTFY_TOPIC || 'gitea-security' }}
jobs:
audit:
name: Dependency Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Composer audit
if: hashFiles('composer.lock') != ''
run: |
echo "=== Composer Security Audit ==="
if ! command -v composer &> /dev/null; then
sudo apt-get update -qq
sudo apt-get install -y -qq php-cli composer >/dev/null 2>&1
fi
composer audit --format=plain 2>&1 | tee /tmp/composer-audit.txt
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo "::warning::Composer vulnerabilities found"
echo "composer_vulnerable=true" >> "$GITHUB_ENV"
else
echo "No known vulnerabilities in composer dependencies"
fi
- name: NPM audit
if: hashFiles('package-lock.json') != ''
run: |
echo "=== NPM Security Audit ==="
npm audit --production 2>&1 | tee /tmp/npm-audit.txt || true
if npm audit --production 2>&1 | grep -q "found 0 vulnerabilities"; then
echo "No known vulnerabilities in npm dependencies"
else
echo "::warning::NPM vulnerabilities found"
echo "npm_vulnerable=true" >> "$GITHUB_ENV"
fi
- name: Notify on vulnerabilities
if: env.composer_vulnerable == 'true' || env.npm_vulnerable == 'true'
run: |
REPO="${{ github.event.repository.name }}"
curl -sS \
-H "Title: ${REPO} has vulnerable dependencies" \
-H "Tags: lock,warning" \
-H "Priority: high" \
-d "Security audit found vulnerabilities. Review dependency updates." \
"${NTFY_URL}/${NTFY_TOPIC}" || true
-312
View File
@@ -1,312 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: moko-platform.Universal
# REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
# PATH: /templates/workflows/update-server.yml
# VERSION: 05.00.00
# BRIEF: Pre-release build + update server XML for dev/alpha/beta/rc branches
#
# Thin wrapper around moko-platform CLI tools.
# Builds packages, updates updates.xml, and optionally deploys via SFTP.
#
# Joomla filters update entries by the user's "Minimum Stability" setting.
name: "Update Server"
on:
push:
branches:
- 'dev'
- 'dev/**'
- 'alpha/**'
- 'beta/**'
- 'rc/**'
paths:
- 'src/**'
- 'htdocs/**'
pull_request:
types: [closed]
branches:
- 'dev'
- 'dev/**'
- 'alpha/**'
- 'beta/**'
- 'rc/**'
paths:
- 'src/**'
- 'htdocs/**'
workflow_dispatch:
inputs:
stability:
description: 'Stability tag'
required: true
default: 'development'
type: choice
options:
- development
- alpha
- beta
- rc
- stable
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
GITEA_ORG: ${{ vars.GITEA_ORG || github.repository_owner }}
GITEA_REPO: ${{ vars.GITEA_REPO || github.event.repository.name }}
permissions:
contents: write
jobs:
update-xml:
name: Update Server
runs-on: release
if: >-
github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch' || github.event_name == 'push'
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 0
- name: Setup moko-platform tools
env:
MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
MOKO_CLONE_HOST: git.mokoconsulting.tech/MokoConsulting
COMPOSER_AUTH: '{"http-basic":{"git.mokoconsulting.tech":{"username":"token","password":"${{ secrets.MOKOGITEA_TOKEN }}"}}}'
run: |
if ! command -v composer &> /dev/null; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer >/dev/null 2>&1
fi
# Always fetch latest CLI tools — never use stale cache from previous runs
rm -rf /tmp/moko-platform
git clone --depth 1 --branch main --quiet \
"https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/moko-platform.git" \
/tmp/moko-platform 2>/dev/null || true
if [ -d "/tmp/moko-platform" ] && [ -f "/tmp/moko-platform/composer.json" ]; then
cd /tmp/moko-platform && composer install --no-dev --no-interaction --quiet 2>/dev/null || true
fi
echo "MOKO_CLI=/tmp/moko-platform/cli" >> "$GITHUB_ENV"
- name: Detect platform
id: platform
run: php ${MOKO_CLI}/manifest_read.php --path . --github-output
- name: Resolve stability and bump version
id: meta
run: |
BRANCH="${{ github.ref_name }}"
# Configure git for bot pushes
git config --local user.email "gitea-actions[bot]@mokoconsulting.tech"
git config --local user.name "gitea-actions[bot]"
git remote set-url origin "https://x-access-token:${{ secrets.MOKOGITEA_TOKEN }}@git.mokoconsulting.tech/${{ github.repository }}.git"
# Auto-bump patch version
php ${MOKO_CLI}/version_bump.php --path . 2>/dev/null || true
VERSION=$(php ${MOKO_CLI}/version_read.php --path . 2>/dev/null || echo "0.0.0")
# Strip any existing suffix before applying stability
VERSION=$(echo "$VERSION" | sed 's/-\(dev\|alpha\|beta\|rc\)$//')
# Determine stability from branch or manual input
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
STABILITY="${{ inputs.stability }}"
elif [[ "$BRANCH" == rc/* ]]; then
STABILITY="rc"
elif [[ "$BRANCH" == beta/* ]]; then
STABILITY="beta"
elif [[ "$BRANCH" == alpha/* ]]; then
STABILITY="alpha"
else
STABILITY="development"
fi
# Version suffix per stability stream
case "$STABILITY" in
development) SUFFIX="-dev"; TAG="development" ;;
alpha) SUFFIX="-alpha"; TAG="alpha" ;;
beta) SUFFIX="-beta"; TAG="beta" ;;
rc) SUFFIX="-rc"; TAG="release-candidate" ;;
*) SUFFIX=""; TAG="stable" ;;
esac
# Propagate version with stability suffix to all manifest files
php ${MOKO_CLI}/version_set_platform.php \
--path . --version "$VERSION" --branch "$BRANCH" --stability "$STABILITY" 2>/dev/null || true
php ${MOKO_CLI}/version_check.php --path . --fix 2>/dev/null || true
# Re-read version (now includes suffix from version_set_platform)
if [ -n "$SUFFIX" ]; then
VERSION="${VERSION}${SUFFIX}"
fi
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
echo "stability=${STABILITY}" >> "$GITHUB_OUTPUT"
echo "suffix=${SUFFIX}" >> "$GITHUB_OUTPUT"
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
echo "display_version=${VERSION}" >> "$GITHUB_OUTPUT"
# Commit version bump if changed
git add -A
git diff --cached --quiet || {
git commit -m "chore(version): auto-bump ${VERSION} [skip ci]" \
--author="gitea-actions[bot] <gitea-actions[bot]@mokoconsulting.tech>"
git push
}
- name: Create release and upload package
id: package
run: |
VERSION="${{ steps.meta.outputs.version }}"
TAG="${{ steps.meta.outputs.tag }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
# Create or update Gitea release
php ${MOKO_CLI}/release_create.php \
--path . --version "$VERSION" --tag "$TAG" \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
--repo "${GITEA_REPO}" --branch "${{ github.ref_name }}" --prerelease
# Build package and upload
php ${MOKO_CLI}/release_package.php \
--path . --version "$VERSION" --tag "$TAG" \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
--repo "${GITEA_REPO}" --output /tmp || true
- name: Update updates.xml
if: steps.platform.outputs.platform == 'joomla'
run: |
VERSION="${{ steps.meta.outputs.version }}"
STABILITY="${{ steps.meta.outputs.stability }}"
SHA256="${{ steps.package.outputs.sha256_zip }}"
if [ ! -f "updates.xml" ]; then
echo "No updates.xml — skipping"
exit 0
fi
SHA_FLAG=""
[ -n "$SHA256" ] && SHA_FLAG="--sha ${SHA256}"
php ${MOKO_CLI}/updates_xml_build.php \
--path . --version "${VERSION}" --stability "${STABILITY}" \
--gitea-url "${GITEA_URL}" --org "${GITEA_ORG}" --repo "${GITEA_REPO}" \
${SHA_FLAG}
# Commit and push updates.xml
git add updates.xml
git diff --cached --quiet || {
git commit -m "chore: update ${STABILITY} channel ${VERSION} [skip ci]"
git push
}
- name: Sync updates.xml to main
if: github.ref_name != 'main' && steps.platform.outputs.platform == 'joomla'
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
GITEA_TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
FILE_SHA=$(curl -sf -H "Authorization: token ${GITEA_TOKEN}" \
"${API_BASE}/contents/updates.xml?ref=main" | python3 -c "import sys,json; print(json.load(sys.stdin).get('sha',''))" 2>/dev/null || true)
if [ -n "$FILE_SHA" ] && [ -f "updates.xml" ]; then
python3 -c "
import base64, json, urllib.request, sys
with open('updates.xml', 'rb') as f:
content = base64.b64encode(f.read()).decode()
payload = json.dumps({
'content': content,
'sha': '${FILE_SHA}',
'message': 'chore: sync updates.xml from ${{ steps.meta.outputs.stability }} [skip ci]',
'branch': 'main'
}).encode()
req = urllib.request.Request(
'${API_BASE}/contents/updates.xml',
data=payload, method='PUT',
headers={
'Authorization': 'token ${GITEA_TOKEN}',
'Content-Type': 'application/json'
})
try:
urllib.request.urlopen(req)
print('updates.xml synced to main')
except Exception as e:
print(f'WARNING: sync to main failed: {e}', file=sys.stderr)
"
fi
- name: SFTP deploy to dev server
if: contains(github.ref, 'dev/') || github.ref == 'refs/heads/dev'
env:
DEV_HOST: ${{ vars.DEV_FTP_HOST }}
DEV_PATH: ${{ vars.DEV_FTP_PATH }}
DEV_SUFFIX: ${{ vars.DEV_FTP_SUFFIX }}
DEV_USER: ${{ vars.DEV_FTP_USERNAME }}
DEV_PORT: ${{ vars.DEV_FTP_PORT }}
DEV_KEY: ${{ secrets.DEV_FTP_KEY }}
DEV_PASS: ${{ secrets.DEV_FTP_PASSWORD }}
run: |
# Permission check: admin or maintain role required
ACTOR="${{ github.actor }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.MOKOGITEA_TOKEN }}" \
"${API_BASE}/collaborators/${ACTOR}/permission" 2>/dev/null | \
python3 -c "import sys,json; print(json.load(sys.stdin).get('permission','read'))" 2>/dev/null || echo "read")
case "$PERMISSION" in
admin|maintain|write) ;;
*)
echo "Deploy denied: ${ACTOR} has '${PERMISSION}' — requires admin, maintain, or write"
exit 0
;;
esac
[ -z "$DEV_HOST" ] || [ -z "$DEV_PATH" ] && { echo "DEV FTP not configured — skipping SFTP"; exit 0; }
SOURCE_DIR="src"
[ ! -d "$SOURCE_DIR" ] && SOURCE_DIR="htdocs"
[ ! -d "$SOURCE_DIR" ] && exit 0
PORT="${DEV_PORT:-22}"
REMOTE="${DEV_PATH%/}"
[ -n "$DEV_SUFFIX" ] && REMOTE="${REMOTE}/${DEV_SUFFIX#/}"
printf '{"host":"%s","port":%s,"username":"%s","remotePath":"%s"' \
"$DEV_HOST" "$PORT" "$DEV_USER" "$REMOTE" > /tmp/sftp-config.json
if [ -n "$DEV_KEY" ]; then
echo "$DEV_KEY" > /tmp/deploy_key && chmod 600 /tmp/deploy_key
printf ',"privateKeyPath":"/tmp/deploy_key"}' >> /tmp/sftp-config.json
else
printf ',"password":"%s"}' "$DEV_PASS" >> /tmp/sftp-config.json
fi
PLATFORM=$(php ${MOKO_CLI}/platform_detect.php --path . 2>/dev/null || true)
if [ "$PLATFORM" = "waas-component" ] && [ -f "${MOKO_CLI}/../deploy/deploy-joomla.php" ]; then
php ${MOKO_CLI}/../deploy/deploy-joomla.php --path . --src-dir "$SOURCE_DIR" --config /tmp/sftp-config.json
elif [ -f "${MOKO_CLI}/../deploy/deploy-sftp.php" ]; then
php ${MOKO_CLI}/../deploy/deploy-sftp.php --path . --src-dir "$SOURCE_DIR" --config /tmp/sftp-config.json
fi
rm -f /tmp/deploy_key /tmp/sftp-config.json
echo "SFTP deploy to dev complete" >> $GITHUB_STEP_SUMMARY
- name: Summary
if: always()
run: |
VERSION="${{ steps.meta.outputs.version }}"
STABILITY="${{ steps.meta.outputs.stability }}"
DISPLAY="${{ steps.meta.outputs.display_version }}"
echo "## Update Server" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Field | Value |" >> $GITHUB_STEP_SUMMARY
echo "|-------|-------|" >> $GITHUB_STEP_SUMMARY
echo "| Stability | \`${STABILITY}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Version | \`${DISPLAY}\` |" >> $GITHUB_STEP_SUMMARY
+6 -3
View File
@@ -11,7 +11,7 @@ REPO: https://git.mokoconsulting.tech/MokoConsulting/gitea-api-mcp
[![Node](https://img.shields.io/badge/node-%3E%3D20.0.0-green.svg)](https://nodejs.org)
[![TypeScript](https://img.shields.io/badge/TypeScript-5.x-blue.svg)](https://www.typescriptlang.org)
> MCP server for Gitea REST API v1 operations -- 61 tools for complete Gitea instance management from Claude Code and other MCP clients.
> MCP server for Gitea REST API v1 operations -- 111 tools for complete Gitea instance management from Claude Code and other MCP clients.
## Table of Contents
@@ -26,7 +26,7 @@ REPO: https://git.mokoconsulting.tech/MokoConsulting/gitea-api-mcp
## Background
`gitea-api-mcp` is a Model Context Protocol (MCP) server that exposes 61 tools for interacting with the Gitea REST API v1. It supports multiple named connections, allowing you to manage several Gitea instances from a single server. Authentication uses Gitea's native `Authorization: token` header format.
`gitea-api-mcp` is a Model Context Protocol (MCP) server that exposes 111 tools for interacting with the Gitea REST API v1. It supports multiple named connections, allowing you to manage several Gitea instances from a single server. Authentication uses Gitea's native `Authorization: token` header format.
## Install
@@ -250,7 +250,7 @@ If `connection` is omitted, the `defaultConnection` is used.
| `gitea_webhooks_list` | List webhooks for a repository |
| `gitea_webhook_create` | Create a webhook |
### Wiki (5 tools)
### Wiki (7 tools)
| Tool | Description |
|------|-------------|
@@ -259,6 +259,8 @@ If `connection` is omitted, the `defaultConnection` is used.
| `gitea_wiki_page_create` | Create a new wiki page |
| `gitea_wiki_page_edit` | Edit an existing wiki page |
| `gitea_wiki_page_delete` | Delete a wiki page |
| `gitea_wiki_page_revisions` | List revision history for a wiki page |
| `gitea_wiki_search` | Search wiki page titles and content |
### Notifications (2 tools)
@@ -287,3 +289,4 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for development guidelines.
| Version | Date | Description |
|---------|------|-------------|
| 0.0.1 | 2026-05-07 | Initial release with 61 tools |
| 1.4.3 | 2026-06-23 | Fix wiki create endpoint, add wiki search + revisions tools (111 total) |
+318 -17
View File
@@ -1084,7 +1084,7 @@ server.tool(
content_base64: Buffer.from(content).toString('base64'),
};
if (message !== undefined) body.message = message;
return formatResponse(await clientFor(connection).post(`/repos/${owner}/${repo}/wiki/pages`, body));
return formatResponse(await clientFor(connection).post(`/repos/${owner}/${repo}/wiki/new`, body));
},
);
@@ -1121,6 +1121,22 @@ server.tool(
formatResponse(await clientFor(connection).delete(`/repos/${owner}/${repo}/wiki/page/${page_name}`)),
);
server.tool(
'gitea_wiki_page_revisions',
'List revision history for a wiki page',
{ ...OwnerRepo, page_name: z.string().describe('Page name/slug'), ...PaginationParams, ...ConnectionParam },
async ({ owner, repo, page_name, page, limit, connection }) =>
formatResponse(await clientFor(connection).get(`/repos/${owner}/${repo}/wiki/revisions/${page_name}`, pageQuery({ page, limit }))),
);
server.tool(
'gitea_wiki_search',
'Search wiki page titles and content',
{ ...OwnerRepo, q: z.string().describe('Search query'), ...PaginationParams, ...ConnectionParam },
async ({ owner, repo, q, page, limit, connection }) =>
formatResponse(await clientFor(connection).get(`/repos/${owner}/${repo}/wiki/search`, { q, ...pageQuery({ page, limit }) })),
);
// ── Notifications ───────────────────────────────────────────────────────
server.tool(
@@ -1723,42 +1739,327 @@ server.tool(
server.tool(
'gitea_metadata_update',
'Update repo metadata settings (merges with existing — only provided fields are changed)',
'Update repo metadata settings (partial update — only provided fields are changed)',
{
owner: z.string().describe('Repository owner'),
repo: z.string().describe('Repository name'),
// identity
name: z.string().optional().describe('Project name'),
org: z.string().optional().describe('Organization'),
description: z.string().optional().describe('Project description'),
version: z.string().optional().describe('Version string (e.g. 06.00.00)'),
// versioning
version_prefix: z.string().optional().describe('Tag prefix for version display (e.g. v1.26.1-moko.)'),
element_name: z.string().optional().describe('Extension element name (e.g. pkg_mokosuitecrm)'),
// licensing
license_spdx: z.string().optional().describe('SPDX license identifier'),
license_name: z.string().optional().describe('Human-readable license name (e.g. GNU General Public License v3)'),
element_name: z.string().optional().describe('Extension element name (e.g. pkg_mokosuitecrm, mod_mokojoomhero)'),
platform: z.string().optional().describe('Platform (joomla, wordpress, dolibarr, go, mcp, platform, generic)'),
standards_version: z.string().optional().describe('mokoplatform standards version (e.g. 05.01.00)'),
license_name: z.string().optional().describe('Human-readable license name'),
// governance
platform: z.string().optional().describe('Platform (joomla, go, node, php, python, generic)'),
standards_version: z.string().optional().describe('mokoplatform standards version'),
standards_source: z.string().optional().describe('URL to standards repo'),
maintainer: z.string().optional().describe('Maintainer name (e.g. Moko Consulting)'),
// distribution
maintainer: z.string().optional().describe('Maintainer name'),
maintainer_url: z.string().optional().describe('Maintainer website URL'),
info_url: z.string().optional().describe('Extension info/product page URL'),
target_version: z.string().optional().describe('Target platform version regex (e.g. 6..*)'),
php_minimum: z.string().optional().describe('Minimum PHP version (e.g. 8.1)'),
language: z.string().optional().describe('Primary language (e.g. PHP, Go, TypeScript)'),
extension_type: z.string().optional().describe('Extension type (component, module, plugin, package, template, library, file)'),
target_version: z.string().optional().describe('Target platform version regex'),
php_minimum: z.string().optional().describe('Minimum PHP version'),
// build
language: z.string().optional().describe('Primary language (Go, PHP, TypeScript)'),
extension_type: z.string().optional().describe('Extension type (component, module, plugin, package, template, library)'),
entry_point: z.string().optional().describe('Build entry point path'),
// deploy
deploy_host: z.string().optional().describe('SSH host for deploy'),
deploy_port: z.string().optional().describe('SSH port (default 2918)'),
deploy_user: z.string().optional().describe('SSH user'),
deploy_path: z.string().optional().describe('Remote path for source/compose'),
docker_image: z.string().optional().describe('Docker image name (e.g. mokoconsulting/mokogitea)'),
docker_registry: z.string().optional().describe('Docker registry host'),
container_name: z.string().optional().describe('Docker container name'),
health_url: z.string().optional().describe('Health check URL after deploy'),
...ConnectionParam,
},
async ({ owner, repo, connection, ...fields }) => {
const c = clientFor(connection);
const current = await c.get(`/repos/${owner}/${repo}/metadata`);
const merged = current.status < 400 ? { ...(current.data as Record<string, unknown>) } : {};
// Server handles partial merge — just send the fields that were provided.
const body: Record<string, unknown> = {};
for (const [k, v] of Object.entries(fields)) {
if (v !== undefined) merged[k] = v;
if (v !== undefined) body[k] = v;
}
return formatResponse(await c.put(`/repos/${owner}/${repo}/metadata`, merged));
return formatResponse(await clientFor(connection).put(`/repos/${owner}/${repo}/metadata`, body));
},
);
// ── Organization Branch Protection (org-governance) ──────────────────────
// Shared field schema for org branch protection rulesets (create + edit).
// rule_name is supplied separately (body field on create, path param on edit).
const OrgBranchProtectionFields = {
priority: z.number().optional().describe('Rule priority (lower applies first)'),
enable_push: z.boolean().optional().describe('Allow push to matching branches'),
enable_push_whitelist: z.boolean().optional().describe('Restrict push to whitelisted teams'),
push_whitelist_teams: z.array(z.string()).optional().describe('Teams allowed to push'),
enable_force_push: z.boolean().optional().describe('Allow force push'),
enable_force_push_allowlist: z.boolean().optional().describe('Restrict force push to allowlisted teams'),
force_push_allowlist_teams: z.array(z.string()).optional().describe('Teams allowed to force push'),
enable_delete: z.boolean().optional().describe('Allow branch deletion'),
enable_delete_allowlist: z.boolean().optional().describe('Restrict deletion to allowlisted teams'),
delete_allowlist_teams: z.array(z.string()).optional().describe('Teams allowed to delete branches'),
enable_merge_whitelist: z.boolean().optional().describe('Restrict merges to whitelisted teams'),
merge_whitelist_teams: z.array(z.string()).optional().describe('Teams allowed to merge'),
enable_status_check: z.boolean().optional().describe('Require status checks to pass'),
status_check_contexts: z.array(z.string()).optional().describe('Required status check names'),
required_approvals: z.number().optional().describe('Required PR approvals (0 = none)'),
enable_approvals_whitelist: z.boolean().optional().describe('Restrict approvals to whitelisted teams'),
approvals_whitelist_teams: z.array(z.string()).optional().describe('Teams whose approvals count'),
block_on_rejected_reviews: z.boolean().optional().describe('Block merge on rejected reviews'),
block_on_official_review_requests: z.boolean().optional().describe('Block merge on pending official review requests'),
block_on_outdated_branch: z.boolean().optional().describe('Block merge when branch is behind base'),
dismiss_stale_approvals: z.boolean().optional().describe('Dismiss approvals when new commits are pushed'),
ignore_stale_approvals: z.boolean().optional().describe('Ignore stale approvals when counting'),
require_signed_commits: z.boolean().optional().describe('Require signed commits'),
protected_file_patterns: z.string().optional().describe('Protected file path patterns (glob, semicolon-separated)'),
unprotected_file_patterns: z.string().optional().describe('Unprotected file path patterns (glob, semicolon-separated)'),
block_admin_merge_override: z.boolean().optional().describe('Prevent admins from overriding merge restrictions'),
};
server.tool(
'gitea_org_branch_protections_list',
'List org-level branch protection rulesets (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/branch_protections`)),
);
server.tool(
'gitea_org_branch_protection_get',
'Get a single org-level branch protection ruleset by rule name (requires org owner)',
{
org: z.string().describe('Organization name'),
rule_name: z.string().describe('Rule name / branch pattern (e.g. "main", "release/*")'),
...ConnectionParam,
},
async ({ org, rule_name, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/branch_protections/${rule_name}`)),
);
server.tool(
'gitea_org_branch_protection_create',
'Create an org-level branch protection ruleset applied across the org (requires org owner)',
{
org: z.string().describe('Organization name'),
rule_name: z.string().describe('Rule name / branch pattern (e.g. "main", "release/*")'),
...OrgBranchProtectionFields,
...ConnectionParam,
},
async ({ org, rule_name, connection, ...fields }) => {
const body: Record<string, unknown> = { rule_name };
for (const [k, v] of Object.entries(fields)) {
if (v !== undefined) body[k] = v;
}
return formatResponse(await clientFor(connection).post(`/orgs/${org}/branch_protections`, body));
},
);
server.tool(
'gitea_org_branch_protection_edit',
'Edit an org-level branch protection ruleset (only provided fields change; requires org owner)',
{
org: z.string().describe('Organization name'),
rule_name: z.string().describe('Rule name / branch pattern of the ruleset to edit'),
...OrgBranchProtectionFields,
...ConnectionParam,
},
async ({ org, rule_name, connection, ...fields }) => {
const body: Record<string, unknown> = {};
for (const [k, v] of Object.entries(fields)) {
if (v !== undefined) body[k] = v;
}
return formatResponse(await clientFor(connection).patch(`/orgs/${org}/branch_protections/${rule_name}`, body));
},
);
server.tool(
'gitea_org_branch_protection_delete',
'Delete an org-level branch protection ruleset by rule name (requires org owner)',
{
org: z.string().describe('Organization name'),
rule_name: z.string().describe('Rule name / branch pattern of the ruleset to delete'),
...ConnectionParam,
},
async ({ org, rule_name, connection }) => formatResponse(await clientFor(connection).delete(`/orgs/${org}/branch_protections/${rule_name}`)),
);
// ── Organization Tag Protection (org-governance) ─────────────────────────
server.tool(
'gitea_org_tag_protections_list',
'List org-level tag protection rules (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/tag_protections`)),
);
server.tool(
'gitea_org_tag_protection_get',
'Get a single org-level tag protection rule by id (requires org owner)',
{
org: z.string().describe('Organization name'),
id: z.number().describe('Tag protection rule ID'),
...ConnectionParam,
},
async ({ org, id, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/tag_protections/${id}`)),
);
server.tool(
'gitea_org_tag_protection_create',
'Create an org-level tag protection rule (requires org owner)',
{
org: z.string().describe('Organization name'),
name_pattern: z.string().describe('Tag name pattern to protect (glob, e.g. "v*")'),
whitelist_teams: z.array(z.string()).optional().describe('Teams allowed to create/delete matching tags'),
...ConnectionParam,
},
async ({ org, name_pattern, whitelist_teams, connection }) => {
const body: Record<string, unknown> = { name_pattern };
if (whitelist_teams !== undefined) body.whitelist_teams = whitelist_teams;
return formatResponse(await clientFor(connection).post(`/orgs/${org}/tag_protections`, body));
},
);
server.tool(
'gitea_org_tag_protection_edit',
'Edit an org-level tag protection rule (only provided fields change; requires org owner)',
{
org: z.string().describe('Organization name'),
id: z.number().describe('Tag protection rule ID'),
name_pattern: z.string().optional().describe('Tag name pattern to protect (glob, e.g. "v*")'),
whitelist_teams: z.array(z.string()).optional().describe('Teams allowed to create/delete matching tags'),
...ConnectionParam,
},
async ({ org, id, name_pattern, whitelist_teams, connection }) => {
const body: Record<string, unknown> = {};
if (name_pattern !== undefined) body.name_pattern = name_pattern;
if (whitelist_teams !== undefined) body.whitelist_teams = whitelist_teams;
return formatResponse(await clientFor(connection).patch(`/orgs/${org}/tag_protections/${id}`, body));
},
);
server.tool(
'gitea_org_tag_protection_delete',
'Delete an org-level tag protection rule by id (requires org owner)',
{
org: z.string().describe('Organization name'),
id: z.number().describe('Tag protection rule ID'),
...ConnectionParam,
},
async ({ org, id, connection }) => formatResponse(await clientFor(connection).delete(`/orgs/${org}/tag_protections/${id}`)),
);
// ── Organization Push Policy (singleton, org-governance) ─────────────────
server.tool(
'gitea_org_push_policy_get',
'Get the organization push policy (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/push_policy`)),
);
server.tool(
'gitea_org_push_policy_edit',
'Edit the organization push policy (only provided fields change; requires org owner)',
{
org: z.string().describe('Organization name'),
branch_name_pattern: z.string().optional().describe('Allowed branch name pattern (glob)'),
tag_name_pattern: z.string().optional().describe('Allowed tag name pattern (glob)'),
require_secret_block: z.boolean().optional().describe('Block pushes containing detected secrets'),
max_file_size: z.number().optional().describe('Maximum allowed pushed file size in bytes (0 = unlimited)'),
blocked_file_patterns: z.string().optional().describe('File path patterns to block on push (glob, semicolon-separated)'),
...ConnectionParam,
},
async ({ org, connection, ...fields }) => {
const body: Record<string, unknown> = {};
for (const [k, v] of Object.entries(fields)) {
if (v !== undefined) body[k] = v;
}
return formatResponse(await clientFor(connection).patch(`/orgs/${org}/push_policy`, body));
},
);
server.tool(
'gitea_org_push_policy_delete',
'Delete (reset) the organization push policy (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).delete(`/orgs/${org}/push_policy`)),
);
// ── Organization Repo Defaults (singleton, org-governance) ───────────────
server.tool(
'gitea_org_repo_defaults_get',
'Get the organization default repository settings (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/repo_defaults`)),
);
server.tool(
'gitea_org_repo_defaults_edit',
'Edit the organization default repository settings (only provided fields change; requires org owner)',
{
org: z.string().describe('Organization name'),
force_private: z.boolean().optional().describe('Force all new repos to be private'),
apply_pr_defaults: z.boolean().optional().describe('Apply the PR merge defaults below to new repos'),
allow_merge: z.boolean().optional().describe('Allow merge commits'),
allow_rebase: z.boolean().optional().describe('Allow rebase merging'),
allow_rebase_merge: z.boolean().optional().describe('Allow rebase with merge commit'),
allow_squash: z.boolean().optional().describe('Allow squash merging'),
allow_fast_forward_only: z.boolean().optional().describe('Allow fast-forward-only merging'),
default_merge_style: z.string().optional().describe('Default merge style (merge, rebase, rebase-merge, squash, fast-forward-only)'),
delete_branch_after_merge: z.boolean().optional().describe('Delete head branch after merge by default'),
...ConnectionParam,
},
async ({ org, connection, ...fields }) => {
const body: Record<string, unknown> = {};
for (const [k, v] of Object.entries(fields)) {
if (v !== undefined) body[k] = v;
}
return formatResponse(await clientFor(connection).patch(`/orgs/${org}/repo_defaults`, body));
},
);
server.tool(
'gitea_org_repo_defaults_delete',
'Delete (reset) the organization default repository settings (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).delete(`/orgs/${org}/repo_defaults`)),
);
// ── Organization Email Domain Policy (singleton, org-governance) ─────────
server.tool(
'gitea_org_email_domain_policy_get',
'Get the organization email domain policy (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).get(`/orgs/${org}/email_domain_policy`)),
);
server.tool(
'gitea_org_email_domain_policy_edit',
'Edit the organization email domain policy (only provided fields change; requires org owner)',
{
org: z.string().describe('Organization name'),
allowed_domains: z.string().optional().describe('Allowed member email domains (comma-separated, e.g. "example.com,foo.org")'),
...ConnectionParam,
},
async ({ org, allowed_domains, connection }) => {
const body: Record<string, unknown> = {};
if (allowed_domains !== undefined) body.allowed_domains = allowed_domains;
return formatResponse(await clientFor(connection).patch(`/orgs/${org}/email_domain_policy`, body));
},
);
server.tool(
'gitea_org_email_domain_policy_delete',
'Delete (reset) the organization email domain policy (requires org owner)',
{ org: z.string().describe('Organization name'), ...ConnectionParam },
async ({ org, connection }) => formatResponse(await clientFor(connection).delete(`/orgs/${org}/email_domain_policy`)),
);
// ── Start Server ────────────────────────────────────────────────────────
async function main(): Promise<void> {