MokoConsulting/MokoCLI
Public Access
1
0
Fork 0
Code Issues 3 Pull Requests Packages Releases 8 Wiki Activity

Compare commits

base: MokoConsulting/MokoCLI:v09.38.00
Branches Tags
MokoConsulting/MokoCLI:main MokoConsulting/MokoCLI:version/09.41.00 MokoConsulting/MokoCLI:version/09.40.00 MokoConsulting/MokoCLI:version/09.39.00 MokoConsulting/MokoCLI:dev MokoConsulting/MokoCLI:feature/304-release-publish MokoConsulting/MokoCLI:version/09.38.00 MokoConsulting/MokoCLI:fix/namespace-cleanup MokoConsulting/MokoCLI:rc
MokoConsulting/MokoCLI:stable MokoConsulting/MokoCLI:v09.41.00 MokoConsulting/MokoCLI:v09.40.00 MokoConsulting/MokoCLI:v09.39.00 MokoConsulting/MokoCLI:v09.38.00 MokoConsulting/MokoCLI:development MokoConsulting/MokoCLI:release-candidate MokoConsulting/MokoCLI:beta MokoConsulting/MokoCLI:alpha MokoConsulting/MokoCLI:v09 MokoConsulting/MokoCLI:v08 MokoConsulting/MokoCLI:v07
..
compare: MokoConsulting/MokoCLI:v09.41.00
Branches Tags
MokoConsulting/MokoCLI:main MokoConsulting/MokoCLI:version/09.41.00 MokoConsulting/MokoCLI:version/09.40.00 MokoConsulting/MokoCLI:version/09.39.00 MokoConsulting/MokoCLI:dev MokoConsulting/MokoCLI:feature/304-release-publish MokoConsulting/MokoCLI:version/09.38.00 MokoConsulting/MokoCLI:fix/namespace-cleanup MokoConsulting/MokoCLI:rc
MokoConsulting/MokoCLI:stable MokoConsulting/MokoCLI:v09.41.00 MokoConsulting/MokoCLI:v09.40.00 MokoConsulting/MokoCLI:v09.39.00 MokoConsulting/MokoCLI:v09.38.00 MokoConsulting/MokoCLI:development MokoConsulting/MokoCLI:release-candidate MokoConsulting/MokoCLI:beta MokoConsulting/MokoCLI:alpha MokoConsulting/MokoCLI:v09 MokoConsulting/MokoCLI:v08 MokoConsulting/MokoCLI:v07

30 Commits
v09.38.00 .. v09.41.00

Author SHA1 Message Date
gitea-actions[bot] 9b647b2540 chore(release): build 09.41.00 [skip ci]
Publish to Composer / Publish Package (release) Successful in 8s
Details
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 53s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-25 16:43:21 +00:00
jmiller cedf10bdff Merge pull request 'fix: remove Template-Dolibarr references from sync' (#319) from chore/remove-legacy-templates into main
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 49s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-25 16:42:46 +00:00
jmiller 8422292b46 fix: remove Template-Dolibarr references from sync
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 8s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 8s
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 21s
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 52s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5m0s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Template-Dolibarr repo was deleted. Map dolibarr/crm-module platforms
to Template-Generic fallback. Remove from TEMPLATE_SYNC_TARGETS.
 2026-06-25 11:42:27 -05:00
gitea-actions[bot] b1f3487a43 chore: promote changelog [Unreleased] → [09.40.00] 2026-06-25 16:40:19 +00:00
gitea-actions[bot] c8f346e069 chore(release): build 09.40.00 [skip ci]
Publish to Composer / Publish Package (release) Successful in 10s
Details
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 1m0s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-25 16:40:10 +00:00
jmiller 0da62a99e3 Merge pull request 'chore: remove legacy templates directory' (#318) from chore/remove-legacy-templates into main
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 56s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details 
chore: remove legacy templates directory (#318)
 2026-06-25 16:39:26 +00:00
jmiller 60c8309067 chore: remove legacy templates directory
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 18s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 7s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 2s
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 1m2s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 31s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
Templates now live in Template-Joomla, Template-Generic, and
Template-Dolibarr repos. Removed all references in release.php,
RepositorySynchronizer, and create_project.php.
 2026-06-25 11:38:37 -05:00
gitea-actions[bot] 12f7ab7e30 chore: promote changelog [Unreleased] → [09.39.00] 2026-06-25 16:21:29 +00:00
gitea-actions[bot] ccff69d48c chore(release): build 09.39.00 [skip ci]
Publish to Composer / Publish Package (release) Successful in 37s
Details
2026-06-25 16:21:27 +00:00
jmiller 8ab44feed5 Merge pull request 'fix: create SQL update file on Joomla version bump' (#317) from fix/sql-update-file-on-bump into main
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 55s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details 
fix: create SQL update file on Joomla version bump (#317)
 2026-06-25 16:21:07 +00:00
jmiller 483a22a13c fix: create SQL update file on Joomla version bump
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Details
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 14s
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Branch Cleanup / Delete merged branch (pull_request) Failing after 3s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 19s
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 53s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3m40s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
version_bump.php now creates an empty sql/updates/mysql/<version>.sql
file when bumping Joomla extensions. Prevents schema version mismatch
in Joomla's Database view when no actual schema changes exist.
 2026-06-25 11:20:10 -05:00
jmiller a3b1fb1f11 chore: sync version-set.yml from Template-Generic [skip ci] 2026-06-24 11:50:00 +00:00
jmiller 5e69242320 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-06-23 23:12:03 +00:00
jmiller a183787db6 Merge pull request 'fix: packagist publish — fix secrets condition and GitHub mirror URL' (#316) from fix/packagist-publish into main
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 41s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-23 22:06:36 +00:00
Jonathan Miller 13ab870418 fix: packagist publish — fix secrets condition and use GitHub mirror URL
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 14s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 9s
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 44s
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 3s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Fix if: condition syntax (needs ${{ }} expression wrapper)
- Point Packagist notification to GitHub mirror URL (Packagist can't
  access Gitea directly)
 2026-06-23 17:00:49 -05:00
jmiller 8fd324f60e chore: sync issue-branch.yml from Template-Generic [skip ci] 2026-06-23 21:51:53 +00:00
gitea-actions[bot] 3ebfe2da8a chore: promote changelog [Unreleased] → [09.39.00] 2026-06-23 21:50:09 +00:00
gitea-actions[bot] c87125ab10 chore(release): build 09.39.00 [skip ci]
Publish to Composer / Publish Package (release) Successful in 44s
Details
2026-06-23 21:50:04 +00:00
jmiller 4e3e9b7899 Merge pull request 'feat: delete orphan workflows during sync — preserve custom-* prefix' (#315) from feature/delete-orphan-workflows into main
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 1m5s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-23 21:49:40 +00:00
gitea-actions[bot] 5a918e2d1f chore(version): auto-bump patch 09.38.02-dev [skip ci]
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Failing after 3s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 30s
Details
2026-06-23 19:14:10 +00:00
Jonathan Miller 2d856c8846 fix: address review findings in workflow_sync.php
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: PR Check / Validate PR (pull_request) Failing after 13s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 16s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 26s
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 1m0s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
- Fix #1: protect PLATFORM_EXCLUDES workflows from orphan deletion
- Fix #2: remove dead CUSTOM_DIR constant and listWorkflowEntries()
- Fix #3: fix pre-existing undefined $label bug on EXCLUDED branch
 2026-06-23 14:13:40 -05:00
jmiller 200956b91a chore: sync deploy-manual.yml from Template-Generic [skip ci] 2026-06-23 18:45:41 +00:00
gitea-actions[bot] bb24a58903 chore(version): auto-bump patch 09.38.01-dev [skip ci] 2026-06-23 18:34:38 +00:00
Jonathan Miller 8cea26d748 feat: delete orphan workflows during sync — preserve custom-* prefix
Universal: Auto Version Bump / Version Bump (push) Successful in 29s
Details
Universal: Build & Release / Promote to RC (pull_request) Failing after 16s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Has been skipped
Details
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Failing after 1m38s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details 
workflow_sync.php --delete-orphans now removes workflows from repos that
are not in the platform template. Protected from deletion:
- Workflows matching template names (synced normally)
- Workflows with custom- prefix (repo-specific convention)
- The custom/ subdirectory (future: subfolder discovery)
 2026-06-23 13:27:52 -05:00
jmiller eb557302ce chore: remove security-audit.yml -- handled by MokoGitea
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 1m10s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-23 18:04:40 +00:00
jmiller 7e555eacf0 chore: remove deploy-manual.yml -- no longer needed
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 1m35s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-23 17:58:59 +00:00
jmiller 1d897ba115 chore: sync auto-release.yml from Template-Generic [skip ci] 2026-06-22 00:34:34 +00:00
Jonathan Miller 8e6aaaff88 feat: add synonym branch protections (master, develop, release, production, stable, staging)
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 49s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details
2026-06-21 19:20:47 -05:00
Jonathan Miller fef27eb5d1 feat: add org-wide branch protection enforcement
Platform: mokocli CI / Gate 1: Code Quality (push) Failing after 1m17s
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: mokocli CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: mokocli CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: mokocli CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: mokocli CI / CI Summary (push) Has been cancelled
Details 
- cli/branch_protect_org.php: enforces push whitelist on main, dev, rc,
  beta, alpha across all org repos (--dry-run supported)
- branch-protection-enforce.yml: runs weekly Monday 6am UTC + manual dispatch
- Branch flow: feature/* -> dev -> rc -> main (no direct push to any)
 2026-06-21 19:08:33 -05:00
gitea-actions[bot] 6d8e09827d chore: promote changelog [Unreleased] → [09.38.00] 2026-06-21 23:22:28 +00:00
206 changed files with 1003 additions and 16755 deletions
Expand all files Collapse all files
.mokogitea/workflows/auto-release.yml
+467 -457
View File
@@ -1,457 +1,467 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: mokocli.Release
# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/mokocli
# PATH: /templates/workflows/universal/auto-release.yml.template
# VERSION: 05.00.00
# BRIEF: Universal build & release detects platform from manifest.xml
#
# +=======================================================================+
# | UNIVERSAL BUILD & RELEASE PIPELINE |
# +=======================================================================+
# | |
# | Reads manifest.xml (joomla|dolibarr|generic) to branch logic. |
# | |
# | Platform-specific: |
# | joomla: XML manifest, type-prefixed packages |
# | dolibarr: mod*.class.php, update.txt, dev version reset |
# | generic: README-only, no update stream |
# | |
# +=======================================================================+
name: "Universal: Build & Release"
on:
pull_request:
types: [opened, closed]
branches:
- main
workflow_dispatch:
inputs:
action:
description: 'Action to perform'
required: false
type: choice
default: release
options:
- release
- promote-rc
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
GITEA_ORG: ${{ vars.GITEA_ORG || github.repository_owner }}
GITEA_REPO: ${{ vars.GITEA_REPO || github.event.repository.name }}
permissions:
contents: write
jobs:
# ── PR Opened → Rename branch to RC and build RC release ─────────────────────────
promote-rc:
name: Promote to RC
runs-on: release
if: >-
(github.event.action == 'opened' && github.event.pull_request.merged != true) ||
(github.event_name == 'workflow_dispatch' && inputs.action == 'promote-rc')
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 1
- name: Setup mokocli tools
env:
MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
MOKO_CLONE_HOST: git.mokoconsulting.tech/MokoConsulting
run: |
if [ -f /opt/mokocli/cli/version_bump.php ] && [ -f /opt/mokocli/vendor/autoload.php ]; then
echo Using pre-installed /opt/mokocli
echo MOKO_CLI=/opt/mokocli/cli >> $GITHUB_ENV
else
echo Falling back to fresh clone
if ! command -v composer > /dev/null 2>&1; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer > /dev/null 2>&1
fi
rm -rf /tmp/mokocli
CLONE_URL=https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/mokocli.git
git clone --depth 1 --branch main --quiet $CLONE_URL /tmp/mokocli
cd /tmp/mokocli
composer install --no-dev --no-interaction --quiet
echo MOKO_CLI=/tmp/mokocli/cli >> $GITHUB_ENV
fi
- name: Rename branch to rc
run: |
php ${MOKO_CLI}/branch_rename.php \
--from "${{ github.event.pull_request.head.ref || 'dev' }}" --to rc \
--token "${{ secrets.MOKOGITEA_TOKEN }}" \
--api-base "${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
--pr "${{ github.event.pull_request.number }}"
- name: Checkout rc and configure git
run: |
git fetch origin rc
git checkout rc
git config --local user.email "gitea-actions[bot]@mokoconsulting.tech"
git config --local user.name "gitea-actions[bot]"
git remote set-url origin "https://x-access-token:${{ secrets.MOKOGITEA_TOKEN }}@git.mokoconsulting.tech/${{ github.repository }}.git"
- name: Publish RC release
run: |
php ${MOKO_CLI}/release_publish.php \
--path . --stability rc --bump minor --branch rc \
--token "${{ secrets.MOKOGITEA_TOKEN }}"
- name: Update RC release notes from CHANGELOG.md
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Extract [Unreleased] section from changelog
NOTES=""
if [ -f "CHANGELOG.md" ]; then
NOTES=$(awk '/^## \[Unreleased\]/{found=1; next} /^## \[/{if(found) exit} found{print}' CHANGELOG.md)
fi
[ -z "$NOTES" ] && NOTES="Release candidate"
# Find the RC release and update its body
RELEASE_ID=$(curl -sf -H "Authorization: token ${TOKEN}" \
"${API_BASE}/releases/tags/release-candidate" \
| python3 -c "import json,sys; print(json.load(sys.stdin).get('id',''))" 2>/dev/null || true)
if [ -n "$RELEASE_ID" ]; then
python3 -c "
import json, urllib.request
body = open('/dev/stdin').read()
payload = json.dumps({'body': body}).encode()
req = urllib.request.Request(
'${API_BASE}/releases/${RELEASE_ID}',
data=payload, method='PATCH',
headers={
'Authorization': 'token ${TOKEN}',
'Content-Type': 'application/json'
})
urllib.request.urlopen(req)
" <<< "$NOTES"
echo "RC release notes updated from CHANGELOG.md"
fi
- name: Summary
if: always()
run: |
echo "## Promoted to Release Candidate" >> $GITHUB_STEP_SUMMARY
echo "Branch renamed to rc, minor bump, RC release built" >> $GITHUB_STEP_SUMMARY
# ── Merged PR → Build & Release (or promote RC to stable) ─────────────────────────
release:
name: Build & Release Pipeline
runs-on: release
if: >-
github.event.pull_request.merged == true ||
(github.event_name == 'workflow_dispatch' && inputs.action != 'promote-rc')
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 0
- name: Configure git for bot pushes
run: |
git config --local user.email "gitea-actions[bot]@mokoconsulting.tech"
git config --local user.name "gitea-actions[bot]"
git remote set-url origin "https://x-access-token:${{ secrets.MOKOGITEA_TOKEN }}@git.mokoconsulting.tech/${{ github.repository }}.git"
- name: Check for merge conflict markers
run: |
CONFLICTS=$(grep -rn '<<<<<<< \|>>>>>>> \|^=======$' --include='*.php' --include='*.xml' --include='*.css' --include='*.js' --include='*.json' --include='*.md' --include='*.yml' --include='*.yaml' --include='*.ini' --include='*.txt' . 2>/dev/null | grep -v '.git/' || true)
if [ -n "$CONFLICTS" ]; then
echo "::error::Merge conflict markers found — aborting release"
echo "## Release Blocked: Conflict Markers" >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
echo "$CONFLICTS" >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
exit 1
fi
echo "No conflict markers found"
- name: Setup mokocli tools
env:
MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
MOKO_CLONE_HOST: git.mokoconsulting.tech/MokoConsulting
COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.GH_MIRROR_TOKEN }}"}}'
run: |
if [ -f /opt/mokocli/cli/version_bump.php ] && [ -f /opt/mokocli/vendor/autoload.php ]; then
echo Using pre-installed /opt/mokocli
echo MOKO_CLI=/opt/mokocli/cli >> $GITHUB_ENV
else
echo Falling back to fresh clone
if ! command -v composer > /dev/null 2>&1; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer > /dev/null 2>&1
fi
rm -rf /tmp/mokocli
CLONE_URL=https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/mokocli.git
git clone --depth 1 --branch main --quiet $CLONE_URL /tmp/mokocli
cd /tmp/mokocli
composer install --no-dev --no-interaction --quiet
echo MOKO_CLI=/tmp/mokocli/cli >> $GITHUB_ENV
fi
- name: "Detect platform"
id: platform
run: |
php ${MOKO_CLI}/platform_detect.php --path . --github-output 2>/dev/null || true
php ${MOKO_CLI}/manifest_read.php --path . --github-output 2>/dev/null || true
- name: "Determine version bump level"
id: bump
run: |
# Fix/patch branches: version was already bumped by pre-release, just strip suffix
# Feature/dev branches: bump minor for the new stable release
HEAD_REF="${{ github.event.pull_request.head.ref || 'dev' }}"
case "$HEAD_REF" in
fix/*|patch/*|hotfix/*|bugfix/*) BUMP="none" ;;
*) BUMP="minor" ;;
esac
echo "level=${BUMP}" >> "$GITHUB_OUTPUT"
echo "Bump level: ${BUMP} (from branch: ${HEAD_REF})"
- name: "Publish stable release"
run: |
BUMP_FLAG=""
if [ "${{ steps.bump.outputs.level }}" != "none" ]; then
BUMP_FLAG="--bump ${{ steps.bump.outputs.level }}"
fi
php ${MOKO_CLI}/release_publish.php \
--path . --stability stable ${BUMP_FLAG} --branch main \
--token "${{ secrets.MOKOGITEA_TOKEN }}"
- name: "Read published version"
id: version
run: |
VERSION=$(php ${MOKO_CLI}/version_read.php --path . 2>/dev/null || echo "")
VERSION=$(echo "$VERSION" | sed 's/-\(dev\|alpha\|beta\|rc\)$//')
[ -z "$VERSION" ] && VERSION="00.00.00" && echo "skip=true" >> "$GITHUB_OUTPUT"
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
PLATFORM="${{ steps.platform.outputs.platform }}"
if [[ "$PLATFORM" == joomla* ]]; then
echo "tag=stable" >> "$GITHUB_OUTPUT"
echo "release_tag=stable" >> "$GITHUB_OUTPUT"
else
echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"
echo "release_tag=v${VERSION}" >> "$GITHUB_OUTPUT"
fi
echo "branch=main" >> "$GITHUB_OUTPUT"
echo "Published version: ${VERSION}"
- name: "Create semver tag for non-Joomla repos"
id: semver
if: |
steps.version.outputs.skip != 'true' &&
!startsWith(steps.platform.outputs.platform, 'joomla')
run: |
VERSION="${{ steps.version.outputs.version }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
SEMVER_TAG="v${VERSION}"
echo "Creating semver tag: ${SEMVER_TAG}"
# Create the git tag via API
HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
-X POST -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/json" \
"${API_BASE}/tags" \
-d "{\"tag_name\":\"${SEMVER_TAG}\",\"target\":\"main\",\"message\":\"Release ${VERSION}\"}" 2>/dev/null || echo "000")
if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
echo "Created semver tag: ${SEMVER_TAG}"
elif [ "$HTTP_CODE" = "409" ]; then
echo "Semver tag ${SEMVER_TAG} already exists (skipped)"
else
echo "::warning::Failed to create semver tag ${SEMVER_TAG} (HTTP ${HTTP_CODE})"
fi
echo "semver_tag=${SEMVER_TAG}" >> "$GITHUB_OUTPUT"
- name: Update release notes and promote changelog
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Get the stable release info (version and ID)
RELEASE_JSON=$(curl -sf -H "Authorization: token ${TOKEN}" \
"${API_BASE}/releases/tags/stable" 2>/dev/null || echo '{}')
RELEASE_ID=$(python3 -c "import json,sys; print(json.load(sys.stdin).get('id',''))" <<< "$RELEASE_JSON" 2>/dev/null || true)
# Extract version from release name (e.g. "06.17.00" or "v06.17.00")
VERSION=$(python3 -c "
import json, sys, re
r = json.load(sys.stdin)
name = r.get('name', '')
m = re.search(r'(\d+\.\d+\.\d+)', name)
print(m.group(1) if m else '')
" <<< "$RELEASE_JSON" 2>/dev/null || true)
# Extract [Unreleased] section from changelog
NOTES=""
if [ -f "CHANGELOG.md" ]; then
NOTES=$(awk '/^## \[Unreleased\]/{found=1; next} /^## \[/{if(found) exit} found{print}' CHANGELOG.md)
fi
[ -z "$NOTES" ] && NOTES="Stable release"
# Update release body via API
if [ -n "$RELEASE_ID" ]; then
python3 -c "
import json, urllib.request
body = open('/dev/stdin').read()
payload = json.dumps({'body': body}).encode()
req = urllib.request.Request(
'${API_BASE}/releases/${RELEASE_ID}',
data=payload, method='PATCH',
headers={
'Authorization': 'token ${TOKEN}',
'Content-Type': 'application/json'
})
urllib.request.urlopen(req)
" <<< "$NOTES"
echo "Release notes updated from CHANGELOG.md"
fi
# Promote [Unreleased] → [version] in CHANGELOG.md and reset
if [ -n "$VERSION" ] && [ -f "CHANGELOG.md" ]; then
DATE=$(date +%Y-%m-%d)
python3 -c "
import sys
version, date = sys.argv[1], sys.argv[2]
content = open('CHANGELOG.md').read()
old = '## [Unreleased]'
new = f'## [Unreleased]\n\n## [{version}] --- {date}'
content = content.replace(old, new, 1)
open('CHANGELOG.md', 'w').write(content)
" "$VERSION" "$DATE"
git add CHANGELOG.md
git commit -m "chore: promote changelog [Unreleased] → [${VERSION}]" || true
git push origin main || true
echo "Changelog promoted: [Unreleased] → [${VERSION}]"
fi
# -- STEP 9: Mirror to GitHub (stable only) --------------------------------
- name: "Step 9: Mirror release to GitHub"
if: >-
steps.version.outputs.skip != 'true' &&
secrets.GH_MIRROR_TOKEN != ''
continue-on-error: true
run: |
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
RELEASE_TAG="${{ steps.version.outputs.release_tag }}"
GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
php ${MOKO_CLI}/release_mirror.php \
--version "$VERSION" --tag "$RELEASE_TAG" \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
--gh-token "${{ secrets.GH_MIRROR_TOKEN }}" --gh-repo "$GH_REPO" \
--branch main 2>&1 || true
echo "GitHub mirror updated" >> $GITHUB_STEP_SUMMARY
# -- STEP 10: Sync main branch to GitHub mirror ----------------------------
- name: "Step 10: Push main to GitHub mirror"
if: >-
steps.version.outputs.skip != 'true' &&
secrets.GH_MIRROR_TOKEN != ''
continue-on-error: true
run: |
GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
GH_ORG=$(echo "$GH_REPO" | cut -d/ -f1)
GH_NAME=$(echo "$GH_REPO" | cut -d/ -f2)
git remote add github "https://x-access-token:${{ secrets.GH_MIRROR_TOKEN }}@github.com/${GH_ORG}/${GH_NAME}.git" 2>/dev/null || \
git remote set-url github "https://x-access-token:${{ secrets.GH_MIRROR_TOKEN }}@github.com/${GH_ORG}/${GH_NAME}.git"
git fetch origin main --depth=1
git push github origin/main:refs/heads/main --force 2>/dev/null \
&& echo "main branch pushed to GitHub mirror" \
|| echo "WARNING: GitHub mirror push failed"
- name: "Step 11: Delete rc branch and recreate dev from main"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Delete rc branch (ephemeral — created by promote-rc)
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" \
"${API_BASE}/branches/rc" 2>/dev/null \
&& echo "Deleted rc branch" || echo "rc branch not found"
# Delete dev branch
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" \
"${API_BASE}/branches/dev" 2>/dev/null && echo "Deleted dev branch"
# Recreate dev from main (now includes version bump + changelog promotion)
curl -sf -X POST -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/json" \
"${API_BASE}/branches" \
-d '{"new_branch_name":"dev","old_branch_name":"main"}' 2>/dev/null && echo "Recreated dev from main"
echo "Pre-release branches cleaned, dev reset from main" >> $GITHUB_STEP_SUMMARY
- name: "Step 12: Create version branch from main"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
BRANCH_NAME="version/${VERSION}"
MAIN_SHA=$(git rev-parse HEAD)
# Delete old version branch if it exists (same version re-release)
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" "${API_BASE}/branches/${BRANCH_NAME}" 2>/dev/null && echo "Deleted old ${BRANCH_NAME}"
# Create version/XX.YY.ZZ from main
curl -sf -X POST -H "Authorization: token ${TOKEN}" -H "Content-Type: application/json" "${API_BASE}/branches" -d "{\"new_branch_name\":\"${BRANCH_NAME}\",\"old_branch_name\":\"main\"}" 2>/dev/null && echo "Created ${BRANCH_NAME} from main (${MAIN_SHA})" || echo "WARNING: ${BRANCH_NAME} creation failed"
echo "Version branch created: ${BRANCH_NAME} (${MAIN_SHA})" >> $GITHUB_STEP_SUMMARY
# -- Dolibarr post-release: Reset dev version -----------------------------
- name: "Post-release: Reset dev version"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
php ${MOKO_CLI}/version_reset_dev.php \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "${API_BASE}" \
--branch dev --path . 2>&1 || true
# -- Summary --------------------------------------------------------------
- name: Pipeline Summary
if: always()
run: |
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
PLATFORM="${{ steps.platform.outputs.platform }}"
if [ "${{ steps.version.outputs.skip }}" = "true" ]; then
echo "## Release Skipped" >> $GITHUB_STEP_SUMMARY
echo "No VERSION in README.md" >> $GITHUB_STEP_SUMMARY
elif [ "${{ steps.check.outputs.already_released }}" = "true" ]; then
echo "## Already Released — ${VERSION}" >> $GITHUB_STEP_SUMMARY
else
echo "" >> $GITHUB_STEP_SUMMARY
echo "## Build & Release Complete (${PLATFORM})" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Step | Result |" >> $GITHUB_STEP_SUMMARY
echo "|------|--------|" >> $GITHUB_STEP_SUMMARY
echo "| Platform | \`${PLATFORM}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Version | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Branch | \`${{ steps.version.outputs.branch }}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Tag | \`${{ steps.version.outputs.tag }}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Release | [View](${GITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
fi
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: mokocli.Release
# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/mokocli
# PATH: /templates/workflows/universal/auto-release.yml.template
# VERSION: 05.00.00
# BRIEF: Universal build & release detects platform from manifest.xml
#
# +=======================================================================+
# | UNIVERSAL BUILD & RELEASE PIPELINE |
# +=======================================================================+
# | |
# | Reads manifest.xml (joomla|dolibarr|generic) to branch logic. |
# | |
# | Platform-specific: |
# | joomla: XML manifest, type-prefixed packages |
# | dolibarr: mod*.class.php, update.txt, dev version reset |
# | generic: README-only, no update stream |
# | |
# +=======================================================================+
name: "Universal: Build & Release"
on:
pull_request:
types: [opened, synchronize, closed]
branches:
- main
paths-ignore:
- '.mokogitea/workflows/**'
- '*.md'
- 'wiki/**'
- '.editorconfig'
- '.gitignore'
- '.gitattributes'
- '.gitmessage'
- 'LICENSE'
workflow_dispatch:
inputs:
action:
description: 'Action to perform'
required: false
type: choice
default: release
options:
- release
- promote-rc
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
GITEA_ORG: ${{ vars.GITEA_ORG || github.repository_owner }}
GITEA_REPO: ${{ vars.GITEA_REPO || github.event.repository.name }}
permissions:
contents: write
jobs:
# ── PR Opened → Rename branch to RC and build RC release ─────────────────────────
promote-rc:
name: Promote to RC
runs-on: release
if: >-
(github.event.action == 'opened' && github.event.pull_request.merged != true) ||
(github.event.action == 'synchronize' && github.event.pull_request.merged != true) ||
(github.event_name == 'workflow_dispatch' && inputs.action == 'promote-rc')
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 1
- name: Setup mokocli tools
env:
MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
MOKO_CLONE_HOST: git.mokoconsulting.tech/MokoConsulting
run: |
if [ -f /opt/mokocli/cli/version_bump.php ] && [ -f /opt/mokocli/vendor/autoload.php ]; then
echo Using pre-installed /opt/mokocli
echo MOKO_CLI=/opt/mokocli/cli >> $GITHUB_ENV
else
echo Falling back to fresh clone
if ! command -v composer > /dev/null 2>&1; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer > /dev/null 2>&1
fi
rm -rf /tmp/mokocli
CLONE_URL=https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/mokocli.git
git clone --depth 1 --branch main --quiet $CLONE_URL /tmp/mokocli
cd /tmp/mokocli
composer install --no-dev --no-interaction --quiet
echo MOKO_CLI=/tmp/mokocli/cli >> $GITHUB_ENV
fi
- name: Rename branch to rc
run: |
php ${MOKO_CLI}/branch_rename.php \
--from "${{ github.event.pull_request.head.ref || 'dev' }}" --to rc \
--token "${{ secrets.MOKOGITEA_TOKEN }}" \
--api-base "${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}" \
--pr "${{ github.event.pull_request.number }}"
- name: Checkout rc and configure git
run: |
git fetch origin rc
git checkout rc
git config --local user.email "gitea-actions[bot]@mokoconsulting.tech"
git config --local user.name "gitea-actions[bot]"
git remote set-url origin "https://x-access-token:${{ secrets.MOKOGITEA_TOKEN }}@git.mokoconsulting.tech/${{ github.repository }}.git"
- name: Publish RC release
run: |
php ${MOKO_CLI}/release_publish.php \
--path . --stability rc --bump minor --branch rc \
--token "${{ secrets.MOKOGITEA_TOKEN }}"
- name: Update RC release notes from CHANGELOG.md
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Extract [Unreleased] section from changelog
NOTES=""
if [ -f "CHANGELOG.md" ]; then
NOTES=$(awk '/^## \[Unreleased\]/{found=1; next} /^## \[/{if(found) exit} found{print}' CHANGELOG.md)
fi
[ -z "$NOTES" ] && NOTES="Release candidate"
# Find the RC release and update its body
RELEASE_ID=$(curl -sf -H "Authorization: token ${TOKEN}" \
"${API_BASE}/releases/tags/release-candidate" \
| python3 -c "import json,sys; print(json.load(sys.stdin).get('id',''))" 2>/dev/null || true)
if [ -n "$RELEASE_ID" ]; then
python3 -c "
import json, urllib.request
body = open('/dev/stdin').read()
payload = json.dumps({'body': body}).encode()
req = urllib.request.Request(
'${API_BASE}/releases/${RELEASE_ID}',
data=payload, method='PATCH',
headers={
'Authorization': 'token ${TOKEN}',
'Content-Type': 'application/json'
})
urllib.request.urlopen(req)
" <<< "$NOTES"
echo "RC release notes updated from CHANGELOG.md"
fi
- name: Summary
if: always()
run: |
echo "## Promoted to Release Candidate" >> $GITHUB_STEP_SUMMARY
echo "Branch renamed to rc, minor bump, RC release built" >> $GITHUB_STEP_SUMMARY
# ── Merged PR → Build & Release (or promote RC to stable) ─────────────────────────
release:
name: Build & Release Pipeline
runs-on: release
if: >-
github.event.pull_request.merged == true ||
(github.event_name == 'workflow_dispatch' && inputs.action != 'promote-rc')
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 0
- name: Configure git for bot pushes
run: |
git config --local user.email "gitea-actions[bot]@mokoconsulting.tech"
git config --local user.name "gitea-actions[bot]"
git remote set-url origin "https://x-access-token:${{ secrets.MOKOGITEA_TOKEN }}@git.mokoconsulting.tech/${{ github.repository }}.git"
- name: Check for merge conflict markers
run: |
CONFLICTS=$(grep -rn '<<<<<<< \|>>>>>>> \|^=======$' --include='*.php' --include='*.xml' --include='*.css' --include='*.js' --include='*.json' --include='*.md' --include='*.yml' --include='*.yaml' --include='*.ini' --include='*.txt' . 2>/dev/null | grep -v '.git/' || true)
if [ -n "$CONFLICTS" ]; then
echo "::error::Merge conflict markers found — aborting release"
echo "## Release Blocked: Conflict Markers" >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
echo "$CONFLICTS" >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
exit 1
fi
echo "No conflict markers found"
- name: Setup mokocli tools
env:
MOKO_CLONE_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
MOKO_CLONE_HOST: git.mokoconsulting.tech/MokoConsulting
COMPOSER_AUTH: '{"github-oauth":{"github.com":"${{ secrets.GH_MIRROR_TOKEN }}"}}'
run: |
if [ -f /opt/mokocli/cli/version_bump.php ] && [ -f /opt/mokocli/vendor/autoload.php ]; then
echo Using pre-installed /opt/mokocli
echo MOKO_CLI=/opt/mokocli/cli >> $GITHUB_ENV
else
echo Falling back to fresh clone
if ! command -v composer > /dev/null 2>&1; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-mbstring php-xml php-zip php-curl composer > /dev/null 2>&1
fi
rm -rf /tmp/mokocli
CLONE_URL=https://x-access-token:${MOKO_CLONE_TOKEN}@${MOKO_CLONE_HOST}/mokocli.git
git clone --depth 1 --branch main --quiet $CLONE_URL /tmp/mokocli
cd /tmp/mokocli
composer install --no-dev --no-interaction --quiet
echo MOKO_CLI=/tmp/mokocli/cli >> $GITHUB_ENV
fi
- name: "Detect platform"
id: platform
run: |
php ${MOKO_CLI}/platform_detect.php --path . --github-output 2>/dev/null || true
php ${MOKO_CLI}/manifest_read.php --path . --github-output 2>/dev/null || true
- name: "Determine version bump level"
id: bump
run: |
# Fix/patch branches: version was already bumped by pre-release, just strip suffix
# Feature/dev branches: bump minor for the new stable release
HEAD_REF="${{ github.event.pull_request.head.ref || 'dev' }}"
case "$HEAD_REF" in
fix/*|patch/*|hotfix/*|bugfix/*) BUMP="none" ;;
*) BUMP="minor" ;;
esac
echo "level=${BUMP}" >> "$GITHUB_OUTPUT"
echo "Bump level: ${BUMP} (from branch: ${HEAD_REF})"
- name: "Publish stable release"
run: |
BUMP_FLAG=""
if [ "${{ steps.bump.outputs.level }}" != "none" ]; then
BUMP_FLAG="--bump ${{ steps.bump.outputs.level }}"
fi
php ${MOKO_CLI}/release_publish.php \
--path . --stability stable ${BUMP_FLAG} --branch main \
--token "${{ secrets.MOKOGITEA_TOKEN }}"
- name: "Read published version"
id: version
run: |
VERSION=$(php ${MOKO_CLI}/version_read.php --path . 2>/dev/null || echo "")
VERSION=$(echo "$VERSION" | sed 's/-\(dev\|alpha\|beta\|rc\)$//')
[ -z "$VERSION" ] && VERSION="00.00.00" && echo "skip=true" >> "$GITHUB_OUTPUT"
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
PLATFORM="${{ steps.platform.outputs.platform }}"
if [[ "$PLATFORM" == joomla* ]]; then
echo "tag=stable" >> "$GITHUB_OUTPUT"
echo "release_tag=stable" >> "$GITHUB_OUTPUT"
else
echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"
echo "release_tag=v${VERSION}" >> "$GITHUB_OUTPUT"
fi
echo "branch=main" >> "$GITHUB_OUTPUT"
echo "Published version: ${VERSION}"
- name: "Create semver tag for non-Joomla repos"
id: semver
if: |
steps.version.outputs.skip != 'true' &&
!startsWith(steps.platform.outputs.platform, 'joomla')
run: |
VERSION="${{ steps.version.outputs.version }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
SEMVER_TAG="v${VERSION}"
echo "Creating semver tag: ${SEMVER_TAG}"
# Create the git tag via API
HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
-X POST -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/json" \
"${API_BASE}/tags" \
-d "{\"tag_name\":\"${SEMVER_TAG}\",\"target\":\"main\",\"message\":\"Release ${VERSION}\"}" 2>/dev/null || echo "000")
if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
echo "Created semver tag: ${SEMVER_TAG}"
elif [ "$HTTP_CODE" = "409" ]; then
echo "Semver tag ${SEMVER_TAG} already exists (skipped)"
else
echo "::warning::Failed to create semver tag ${SEMVER_TAG} (HTTP ${HTTP_CODE})"
fi
echo "semver_tag=${SEMVER_TAG}" >> "$GITHUB_OUTPUT"
- name: Update release notes and promote changelog
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Get the stable release info (version and ID)
RELEASE_JSON=$(curl -sf -H "Authorization: token ${TOKEN}" \
"${API_BASE}/releases/tags/stable" 2>/dev/null || echo '{}')
RELEASE_ID=$(python3 -c "import json,sys; print(json.load(sys.stdin).get('id',''))" <<< "$RELEASE_JSON" 2>/dev/null || true)
# Extract version from release name (e.g. "06.17.00" or "v06.17.00")
VERSION=$(python3 -c "
import json, sys, re
r = json.load(sys.stdin)
name = r.get('name', '')
m = re.search(r'(\d+\.\d+\.\d+)', name)
print(m.group(1) if m else '')
" <<< "$RELEASE_JSON" 2>/dev/null || true)
# Extract [Unreleased] section from changelog
NOTES=""
if [ -f "CHANGELOG.md" ]; then
NOTES=$(awk '/^## \[Unreleased\]/{found=1; next} /^## \[/{if(found) exit} found{print}' CHANGELOG.md)
fi
[ -z "$NOTES" ] && NOTES="Stable release"
# Update release body via API
if [ -n "$RELEASE_ID" ]; then
python3 -c "
import json, urllib.request
body = open('/dev/stdin').read()
payload = json.dumps({'body': body}).encode()
req = urllib.request.Request(
'${API_BASE}/releases/${RELEASE_ID}',
data=payload, method='PATCH',
headers={
'Authorization': 'token ${TOKEN}',
'Content-Type': 'application/json'
})
urllib.request.urlopen(req)
" <<< "$NOTES"
echo "Release notes updated from CHANGELOG.md"
fi
# Promote [Unreleased] → [version] in CHANGELOG.md and reset
if [ -n "$VERSION" ] && [ -f "CHANGELOG.md" ]; then
DATE=$(date +%Y-%m-%d)
python3 -c "
import sys
version, date = sys.argv[1], sys.argv[2]
content = open('CHANGELOG.md').read()
old = '## [Unreleased]'
new = f'## [Unreleased]\n\n## [{version}] --- {date}'
content = content.replace(old, new, 1)
open('CHANGELOG.md', 'w').write(content)
" "$VERSION" "$DATE"
git add CHANGELOG.md
git commit -m "chore: promote changelog [Unreleased] → [${VERSION}]" || true
git push origin main || true
echo "Changelog promoted: [Unreleased] → [${VERSION}]"
fi
# -- STEP 9: Mirror to GitHub (stable only) --------------------------------
- name: "Step 9: Mirror release to GitHub"
if: >-
steps.version.outputs.skip != 'true' &&
secrets.GH_MIRROR_TOKEN != ''
continue-on-error: true
run: |
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
RELEASE_TAG="${{ steps.version.outputs.release_tag }}"
GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
php ${MOKO_CLI}/release_mirror.php \
--version "$VERSION" --tag "$RELEASE_TAG" \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "$API_BASE" \
--gh-token "${{ secrets.GH_MIRROR_TOKEN }}" --gh-repo "$GH_REPO" \
--branch main 2>&1 || true
echo "GitHub mirror updated" >> $GITHUB_STEP_SUMMARY
# -- STEP 10: Sync main branch to GitHub mirror ----------------------------
- name: "Step 10: Push main to GitHub mirror"
if: >-
steps.version.outputs.skip != 'true' &&
secrets.GH_MIRROR_TOKEN != ''
continue-on-error: true
run: |
GH_REPO="${{ vars.GH_MIRROR_REPO || github.repository }}"
GH_ORG=$(echo "$GH_REPO" | cut -d/ -f1)
GH_NAME=$(echo "$GH_REPO" | cut -d/ -f2)
git remote add github "https://x-access-token:${{ secrets.GH_MIRROR_TOKEN }}@github.com/${GH_ORG}/${GH_NAME}.git" 2>/dev/null || \
git remote set-url github "https://x-access-token:${{ secrets.GH_MIRROR_TOKEN }}@github.com/${GH_ORG}/${GH_NAME}.git"
git fetch origin main --depth=1
git push github origin/main:refs/heads/main --force 2>/dev/null \
&& echo "main branch pushed to GitHub mirror" \
|| echo "WARNING: GitHub mirror push failed"
- name: "Step 11: Delete rc branch and recreate dev from main"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
# Delete rc branch (ephemeral — created by promote-rc)
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" \
"${API_BASE}/branches/rc" 2>/dev/null \
&& echo "Deleted rc branch" || echo "rc branch not found"
# Delete dev branch
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" \
"${API_BASE}/branches/dev" 2>/dev/null && echo "Deleted dev branch"
# Recreate dev from main (now includes version bump + changelog promotion)
curl -sf -X POST -H "Authorization: token ${TOKEN}" \
-H "Content-Type: application/json" \
"${API_BASE}/branches" \
-d '{"new_branch_name":"dev","old_branch_name":"main"}' 2>/dev/null && echo "Recreated dev from main"
echo "Pre-release branches cleaned, dev reset from main" >> $GITHUB_STEP_SUMMARY
- name: "Step 12: Create version branch from main"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
BRANCH_NAME="version/${VERSION}"
MAIN_SHA=$(git rev-parse HEAD)
# Delete old version branch if it exists (same version re-release)
curl -sf -X DELETE -H "Authorization: token ${TOKEN}" "${API_BASE}/branches/${BRANCH_NAME}" 2>/dev/null && echo "Deleted old ${BRANCH_NAME}"
# Create version/XX.YY.ZZ from main
curl -sf -X POST -H "Authorization: token ${TOKEN}" -H "Content-Type: application/json" "${API_BASE}/branches" -d "{\"new_branch_name\":\"${BRANCH_NAME}\",\"old_branch_name\":\"main\"}" 2>/dev/null && echo "Created ${BRANCH_NAME} from main (${MAIN_SHA})" || echo "WARNING: ${BRANCH_NAME} creation failed"
echo "Version branch created: ${BRANCH_NAME} (${MAIN_SHA})" >> $GITHUB_STEP_SUMMARY
# -- Dolibarr post-release: Reset dev version -----------------------------
- name: "Post-release: Reset dev version"
if: steps.version.outputs.skip != 'true'
continue-on-error: true
run: |
API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
php ${MOKO_CLI}/version_reset_dev.php \
--token "${{ secrets.MOKOGITEA_TOKEN }}" --api-base "${API_BASE}" \
--branch dev --path . 2>&1 || true
# -- Summary --------------------------------------------------------------
- name: Pipeline Summary
if: always()
run: |
VERSION="${{ steps.bump.outputs.version || steps.version.outputs.version }}"
PLATFORM="${{ steps.platform.outputs.platform }}"
if [ "${{ steps.version.outputs.skip }}" = "true" ]; then
echo "## Release Skipped" >> $GITHUB_STEP_SUMMARY
echo "No VERSION in README.md" >> $GITHUB_STEP_SUMMARY
elif [ "${{ steps.check.outputs.already_released }}" = "true" ]; then
echo "## Already Released — ${VERSION}" >> $GITHUB_STEP_SUMMARY
else
echo "" >> $GITHUB_STEP_SUMMARY
echo "## Build & Release Complete (${PLATFORM})" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Step | Result |" >> $GITHUB_STEP_SUMMARY
echo "|------|--------|" >> $GITHUB_STEP_SUMMARY
echo "| Platform | \`${PLATFORM}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Version | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Branch | \`${{ steps.version.outputs.branch }}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Tag | \`${{ steps.version.outputs.tag }}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Release | [View](${GITEA_URL}/${GITEA_ORG}/${GITEA_REPO}/releases/tag/${{ steps.version.outputs.tag }}) |" >> $GITHUB_STEP_SUMMARY
fi
.mokogitea/workflows/branch-protection-enforce.yml
+54
View File
@@ -0,0 +1,54 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# Enforce branch protection rules across all org repos.
# Runs weekly and on manual dispatch.
name: "Org: Enforce Branch Protections"
on:
schedule:
- cron: '0 6 * * 1' # Every Monday at 6am UTC
workflow_dispatch:
inputs:
dry_run:
description: 'Dry run (show changes without applying)'
required: false
type: boolean
default: false
jobs:
enforce:
name: Enforce Branch Protections
runs-on: release
steps:
- name: Checkout MokoCLI
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
token: ${{ secrets.MOKOGITEA_TOKEN }}
- name: Setup PHP
run: |
if ! command -v php > /dev/null 2>&1; then
sudo apt-get update -qq && sudo apt-get install -y -qq php-cli php-curl > /dev/null 2>&1
fi
- name: Run branch protection enforcement
run: |
DRY_RUN=""
if [ "${{ inputs.dry_run }}" = "true" ]; then
DRY_RUN="--dry-run"
fi
php cli/branch_protect_org.php \
--token "${{ secrets.MOKOGITEA_TOKEN }}" \
--org "MokoConsulting" \
$DRY_RUN
- name: Summary
if: always()
run: |
echo "## Branch Protection Enforcement" >> $GITHUB_STEP_SUMMARY
echo "All repos checked for main, dev, rc, beta, alpha protections" >> $GITHUB_STEP_SUMMARY
echo "Push whitelist: jmiller only" >> $GITHUB_STEP_SUMMARY
.mokogitea/workflows/composer-publish.yml
+3 -3
View File
@@ -52,15 +52,15 @@ jobs:
echo "Package available at: ${GITEA_URL}/api/packages/MokoConsulting/composer"
echo "Install: composer require mokoconsulting/mokocli"
# Packagist — notify of new version
# Packagist — notify of new version (points to GitHub mirror which Packagist can access)
- name: Notify Packagist
if: secrets.PACKAGIST_TOKEN != ''
if: ${{ secrets.PACKAGIST_TOKEN != '' }}
run: |
VERSION="${{ steps.version.outputs.version }}"
echo "Notifying Packagist of version ${VERSION}..."
curl -sf -X POST \
-H "Content-Type: application/json" \
-d '{"repository":{"url":"https://git.mokoconsulting.tech/MokoConsulting/mokocli"}}' \
-d '{"repository":{"url":"https://github.com/mokoconsulting-tech/mokocli"}}' \
"https://packagist.org/api/update-package?username=mokoconsulting&apiToken=${{ secrets.PACKAGIST_TOKEN }}" \
&& echo "Packagist notified" \
|| echo "::warning::Packagist notification failed (package may not be registered yet)"
.mokogitea/workflows/issue-branch.yml
+1 -1
View File
@@ -5,7 +5,7 @@
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: mokocli.Automation
# VERSION: 01.00.00
# VERSION: 09.41.00
# BRIEF: Auto-create feature branch when an issue is opened
name: "Universal: Issue Branch"
.mokogitea/workflows/security-audit.yml
-82
View File
@@ -1,82 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow
# INGROUP: MokoStandards.Security
# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
# PATH: /.gitea/workflows/security-audit.yml
# VERSION: 01.00.00
# BRIEF: Dependency vulnerability scanning for composer and npm packages
name: "Universal: Security Audit"
on:
schedule:
- cron: '0 6 * * 1' # Weekly on Monday at 06:00 UTC
pull_request:
branches:
- main
paths:
- 'composer.json'
- 'composer.lock'
- 'package.json'
- 'package-lock.json'
workflow_dispatch:
permissions:
contents: read
env:
NTFY_URL: ${{ vars.NTFY_URL || 'https://ntfy.mokoconsulting.tech' }}
NTFY_TOPIC: ${{ vars.NTFY_TOPIC || 'gitea-security' }}
jobs:
audit:
name: Dependency Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Composer audit
if: hashFiles('composer.lock') != ''
run: |
echo "=== Composer Security Audit ==="
if ! command -v composer &> /dev/null; then
sudo apt-get update -qq
sudo apt-get install -y -qq php-cli composer >/dev/null 2>&1
fi
composer audit --format=plain 2>&1 | tee /tmp/composer-audit.txt
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo "::warning::Composer vulnerabilities found"
echo "composer_vulnerable=true" >> "$GITHUB_ENV"
else
echo "No known vulnerabilities in composer dependencies"
fi
- name: NPM audit
if: hashFiles('package-lock.json') != ''
run: |
echo "=== NPM Security Audit ==="
npm audit --production 2>&1 | tee /tmp/npm-audit.txt || true
if npm audit --production 2>&1 | grep -q "found 0 vulnerabilities"; then
echo "No known vulnerabilities in npm dependencies"
else
echo "::warning::NPM vulnerabilities found"
echo "npm_vulnerable=true" >> "$GITHUB_ENV"
fi
- name: Notify on vulnerabilities
if: env.composer_vulnerable == 'true' || env.npm_vulnerable == 'true'
run: |
REPO="${{ github.event.repository.name }}"
curl -sS \
-H "Title: ${REPO} has vulnerable dependencies" \
-H "Tags: lock,warning" \
-H "Priority: high" \
-d "Security audit found vulnerabilities. Review dependency updates." \
"${NTFY_URL}/${NTFY_TOPIC}" || true
.mokogitea/workflows/version-set.yml
+130
View File
@@ -0,0 +1,130 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# FILE INFORMATION
# DEFGROUP: Gitea.Workflow.Template
# INGROUP: MokoStandards.CI
# REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla
# PATH: /.mokogitea/workflows/version-set.yml
# VERSION: 01.00.00
# BRIEF: Set or reset the extension version across all version-bearing files
name: "Joomla: Set Version"
on:
workflow_dispatch:
inputs:
version:
description: "Version number (e.g. 01.00.00)"
required: true
type: string
branch:
description: "Branch to update (default: current)"
required: false
type: string
permissions:
contents: write
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
set-version:
name: Set Version to ${{ inputs.version }}
runs-on: ubuntu-latest
steps:
- name: Validate version format
run: |
VERSION="${{ inputs.version }}"
if ! echo "$VERSION" | grep -qP '^\d{2}\.\d{2}\.\d{2}$'; then
echo "::error::Invalid version format '${VERSION}' — expected XX.YY.ZZ (e.g. 01.00.00)"
exit 1
fi
echo "VERSION=${VERSION}" >> "$GITHUB_ENV"
- name: Checkout
uses: actions/checkout@v4
with:
token: ${{ secrets.MOKOGITEA_TOKEN || secrets.GA_TOKEN || github.token }}
ref: ${{ inputs.branch || github.ref }}
fetch-depth: 1
- name: Update manifest version
run: |
MANIFEST=""
for XML_FILE in $(find . -maxdepth 3 -name "*.xml" -not -path "./.git/*" -not -path "./vendor/*"); do
if grep -q "<extension" "$XML_FILE" 2>/dev/null; then
MANIFEST="$XML_FILE"
break
fi
done
if [ -z "$MANIFEST" ]; then
echo "::warning::No Joomla extension manifest found — skipping manifest update"
else
OLD_VER=$(grep -oP '<version>\K[^<]+' "$MANIFEST" | head -1)
sed -i "s|<version>${OLD_VER}</version>|<version>${VERSION}</version>|" "$MANIFEST"
echo "Manifest: ${OLD_VER} → ${VERSION} (${MANIFEST})"
fi
- name: Update README.md version
run: |
if [ -f "README.md" ]; then
if grep -qP '^\s*VERSION:\s*\d' README.md; then
sed -i -E "s/(VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" README.md
echo "README.md version updated to ${VERSION}"
else
echo "::warning::No VERSION line found in README.md — skipping"
fi
fi
- name: Update CHANGELOG.md
run: |
if [ -f "CHANGELOG.md" ]; then
DATE=$(date +%Y-%m-%d)
# Check if this version already has an entry
if grep -q "^\#\# \[${VERSION}\]" CHANGELOG.md; then
echo "CHANGELOG.md already has entry for ${VERSION} — skipping"
else
# Insert new version entry after [Unreleased] or at the top after header
if grep -q '^\#\# \[Unreleased\]' CHANGELOG.md; then
sed -i "/^\#\# \[Unreleased\]/a\\\\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
else
sed -i "/^\# Changelog/a\\\\n## [Unreleased]\n\n## [${VERSION}] --- ${DATE}" CHANGELOG.md
fi
echo "CHANGELOG.md: added entry for ${VERSION}"
fi
else
echo "::warning::No CHANGELOG.md found — skipping"
fi
- name: Update FILE INFORMATION blocks
run: |
# Update VERSION in file header blocks (# VERSION: XX.YY.ZZ)
find . -maxdepth 1 -type f \( -name "*.yml" -o -name "*.yaml" -o -name "*.php" -o -name "*.md" \) \
-not -path "./.git/*" -not -path "./vendor/*" -print0 2>/dev/null | \
while IFS= read -r -d '' FILE; do
if head -20 "$FILE" | grep -qP '^\s*#?\s*VERSION:\s*\d{2}\.\d{2}\.\d{2}'; then
sed -i -E "s/(#?\s*VERSION:\s*)[0-9]{2}\.[0-9]{2}\.[0-9]{2}/\1${VERSION}/" "$FILE"
echo "Updated FILE INFORMATION VERSION in ${FILE}"
fi
done
- name: Commit and push
run: |
git config user.name "Moko Consulting [bot]"
git config user.email "hello@mokoconsulting.tech"
git add -A
if git diff --cached --quiet; then
echo "No version changes detected — nothing to commit"
else
git commit -m "chore: set version to ${VERSION} [skip bump]
Authored-by: Moko Consulting"
git push
echo "### Version Set" >> $GITHUB_STEP_SUMMARY
echo "Version updated to \`${VERSION}\` on branch \`${GITHUB_REF_NAME}\`" >> $GITHUB_STEP_SUMMARY
fi
CHANGELOG.md
+5 -5
View File
@@ -12,12 +12,12 @@ BRIEF: Release changelog
# Changelog
## [Unreleased]
## [09.38.00] --- 2026-06-21
## [09.41.00] --- 2026-06-25
## [09.38.00] --- 2026-06-21
## [09.40.00] --- 2026-06-25
## [09.38.00] --- 2026-06-21
## [09.40.00] --- 2026-06-25
## [09.37.00] --- 2026-06-21
## [09.39.00] --- 2026-06-25
## [09.37.00] --- 2026-06-21
## [09.39.00] --- 2026-06-25
README.md
+1 -1
View File
@@ -6,7 +6,7 @@ DEFGROUP: MokoPlatform.Root
INGROUP: MokoPlatform
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /README.md
VERSION: 09.38.00
VERSION: 09.41.00
BRIEF: Project overview and documentation
-->
cli/branch_protect_org.php
+158
View File
@@ -0,0 +1,158 @@
<?php
/**
* @package MokoCLI
* @subpackage cli
* @author Moko Consulting <hello@mokoconsulting.tech>
* @copyright Copyright (C) 2026 Moko Consulting. All rights reserved.
* @license GNU General Public License version 3 or later; see LICENSE
* SPDX-License-Identifier: GPL-3.0-or-later
*
* Enforce branch protection rules across all repos in the org.
*
* Usage:
* php cli/branch_protect_org.php --token TOKEN [--org MokoConsulting] [--dry-run]
*
* Branch flow: feature/* -> dev -> rc -> main
* main, dev, rc: push whitelist only (no direct push)
* alpha, beta: push whitelist only (pre-release)
*/
declare(strict_types=1);
$options = getopt('', ['token:', 'org:', 'api-base:', 'dry-run', 'help']);
if (isset($options['help']) || empty($options['token'])) {
echo "Usage: php cli/branch_protect_org.php --token TOKEN [--org ORG] [--api-base URL] [--dry-run]\n";
echo "\n";
echo "Options:\n";
echo " --token Gitea API token (required)\n";
echo " --org Organization name (default: MokoConsulting)\n";
echo " --api-base API base URL (default: https://git.mokoconsulting.tech/api/v1)\n";
echo " --dry-run Show what would be changed without making changes\n";
exit(0);
}
$token = $options['token'];
$org = $options['org'] ?? 'MokoConsulting';
$apiBase = rtrim($options['api-base'] ?? 'https://git.mokoconsulting.tech/api/v1', '/');
$dryRun = isset($options['dry-run']);
// Protected branches and their rules
$branchRules = [
// Primary branches (flow: feature/* -> dev -> rc -> main)
'main' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'dev' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'rc' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'beta' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'alpha' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
// Synonyms (prevent bypass via alternate names)
'master' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'develop' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'release' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'production' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'stable' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
'staging' => ['enable_push' => true, 'enable_push_whitelist' => true, 'push_whitelist_usernames' => ['jmiller']],
];
function apiRequest(string $method, string $url, string $token, ?array $body = null): array
{
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_CUSTOMREQUEST => $method,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: token ' . $token,
'Content-Type: application/json',
'Accept: application/json',
],
CURLOPT_TIMEOUT => 30,
]);
if ($body !== null) {
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($body));
}
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return [
'status' => $httpCode,
'data' => json_decode($response, true) ?: [],
];
}
// 1. List all org repos
echo "Fetching repos for {$org}...\n";
$page = 1;
$repos = [];
do {
$result = apiRequest('GET', "{$apiBase}/orgs/{$org}/repos?limit=50&page={$page}", $token);
$batch = $result['data'];
$repos = array_merge($repos, $batch);
$page++;
} while (count($batch) === 50);
echo sprintf("Found %d repos\n\n", count($repos));
$summary = ['protected' => 0, 'added' => 0, 'skipped' => 0, 'errors' => 0];
foreach ($repos as $repo) {
$repoName = $repo['name'];
if ($repo['archived'] ?? false) {
continue;
}
// Get existing protections
$existing = apiRequest('GET', "{$apiBase}/repos/{$org}/{$repoName}/branch_protections", $token);
$existingNames = array_map(fn($p) => $p['branch_name'] ?? '', $existing['data'] ?: []);
$added = [];
$skipped = [];
foreach ($branchRules as $branch => $rules) {
if (in_array($branch, $existingNames, true)) {
$skipped[] = $branch;
$summary['skipped']++;
continue;
}
if ($dryRun) {
$added[] = $branch;
$summary['added']++;
continue;
}
$body = array_merge($rules, ['branch_name' => $branch]);
$result = apiRequest('POST', "{$apiBase}/repos/{$org}/{$repoName}/branch_protections", $token, $body);
if ($result['status'] >= 200 && $result['status'] < 300) {
$added[] = $branch;
$summary['added']++;
} elseif ($result['status'] === 422) {
$skipped[] = $branch;
$summary['skipped']++;
} else {
$added[] = "{$branch}(ERR:{$result['status']})";
$summary['errors']++;
}
}
$summary['protected']++;
if (!empty($added)) {
$prefix = $dryRun ? '[DRY-RUN] ' : '';
echo sprintf(" %s%-35s added: %s\n", $prefix, $repoName, implode(', ', $added));
}
}
echo "\n";
echo sprintf("Summary: %d repos, %d rules added, %d already existed, %d errors\n",
$summary['protected'], $summary['added'], $summary['skipped'], $summary['errors']);
if ($dryRun) {
echo "\n(Dry run - no changes made)\n";
}
cli/branch_rename.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/branch_rename.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Rename a git branch via Gitea API (create new, update PR, delete old)
*/
cli/bulk_workflow_push.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/bulk_workflow_push.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Push a workflow file to all governed repos via the Gitea Contents API
*/
cli/bulk_workflow_trigger.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/bulk_workflow_trigger.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Trigger a workflow across multiple repos at once
*/
cli/client_dashboard.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/client_dashboard.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Generate unified client dashboard HTML
*/
cli/client_inventory.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/client_inventory.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Discover and list all client-waas repos with their server configuration status
*/
cli/client_provision.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/client_provision.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Provision a new client environment end-to-end
*/
cli/create_project.php
+4
View File
@@ -95,6 +95,10 @@ class CreateProjectCli extends CliFramework
$repoRoot = dirname(__DIR__, 2);
$templatesDir = "{$repoRoot}/templates/projects";
if (!is_dir($templatesDir)) {
$this->log('ERROR', "Project templates directory not found: {$templatesDir}");
return 1;
}
$repos = [];
cli/grafana_dashboard.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/grafana_dashboard.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Manage Grafana dashboards via API
*/
cli/joomla_build.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/joomla_build.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Build a Joomla extension ZIP from manifest — all types supported
* NOTE: Called by pre-release and auto-release workflows.
*/
cli/joomla_metadata_validate.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/joomla_metadata_validate.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Validate MokoGitea repo metadata against Joomla extension manifest XML
*/
cli/manifest_detect.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/manifest_detect.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Auto-detect manifest fields from source files and optionally push to API
*/
cli/manifest_integrity.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/manifest_integrity.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Cross-check manifest API fields against repo contents across the org
*/
cli/manifest_licensing.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/manifest_licensing.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Ensure licensing tags (updateservers, dlid) in Joomla extension manifests
*/
cli/manifest_read.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/manifest_read.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Read repo metadata from Gitea manifest API, auto-detect the rest
*/
cli/platform_detect.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/platform_detect.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Auto-detect repository platform type and optionally update manifest
*/
cli/release.php
+1 -13
View File
@@ -131,19 +131,7 @@ class ReleaseCli extends CliFramework
file_put_contents($bulkSyncFile, $bulkContent);
}
// -- Step 5: Update repository-cleanup.yml current branch --
echo "Updating repository-cleanup.yml -> chore/sync-mokostandards-v{$minorVersion}\n";
if (!$this->dryRun) {
$cleanupContent = file_get_contents($cleanupFile);
$cleanupContent = preg_replace(
'/CURRENT="chore\/sync-mokostandards-v[^"]*"/',
"CURRENT=\"chore/sync-mokostandards-v{$minorVersion}\"",
$cleanupContent
);
file_put_contents($cleanupFile, $cleanupContent);
}
// -- Step 6: Commit changes --
// -- Step 5: Commit changes --
if (!$this->dryRun) {
echo "Committing...\n";
passthru("cd {$repoRoot} && git add -A && git commit -m \"chore(release): prepare {$currentVersion} release [skip ci]\"");
cli/release_cascade.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/release_cascade.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Cascade release zip to all lower stability channels
*/
cli/release_publish.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/release_publish.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Publish a release and create copies for all lesser stability streams.
*/
cli/scaffold_client.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/scaffold_client.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Scaffold a new client-waas repo from Template-Client-WaaS with pre-configured settings
*/
cli/updates_xml_sync.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/updates_xml_sync.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Sync updates.xml to target branches via Gitea API
* NOTE: Called by pre-release and auto-release workflows after updates.xml
* is modified on the current branch. Pushes the file to other branches
cli/version_auto_bump.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/version_auto_bump.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Auto patch-bump, set stability suffix, and commit — single CLI replacing inline workflow bash
*/
cli/version_bump.php
+15 -1
View File
@@ -234,6 +234,20 @@ class VersionBumpCli extends CliFramework
if (!empty($updatedFiles)) {
fwrite(STDERR, "Updated " . count($updatedFiles) . " Joomla manifest(s): " . implode(', ', $updatedFiles) . "\n");
}
// Joomla schema version: create empty SQL update file if sql/updates/mysql/ exists
$sqlUpdateDirs = array_merge(
SourceResolver::globSource($root, 'packages/*/sql/updates/mysql'),
SourceResolver::globSource($root, 'sql/updates/mysql'),
glob("{$root}/sql/updates/mysql") ?: []
);
$sqlUpdateDirs = array_unique(array_filter($sqlUpdateDirs, 'is_dir'));
foreach ($sqlUpdateDirs as $sqlDir) {
$sqlFile = "{$sqlDir}/{$newBase}.sql";
if (!file_exists($sqlFile)) {
file_put_contents($sqlFile, "/* {$newBase} — no schema changes */\n");
fwrite(STDERR, "Created SQL update file: " . substr($sqlFile, strlen($root) + 1) . "\n");
}
}
$packageJsonFile = "{$root}/package.json";
if (file_exists($packageJsonFile)) {
$pkgContent = file_get_contents($packageJsonFile);
@@ -370,7 +384,7 @@ class VersionBumpCli extends CliFramework
/**
* Scan git release tags for the highest version across all channels.
*
* Checks release names like "MokoSuiteClient (VERSION: 09.38.00)" in
* Checks release names like "MokoSuiteClient (VERSION: 09.41.00)" in
* git tags (stable, release-candidate, development, etc.) to find the
* highest version that has been released on any channel.
*/
cli/version_check.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/version_check.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Validate version consistency across README, manifests, and sub-packages
*/
cli/wiki_sync.php
+1 -1
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/wiki_sync.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Sync select wiki pages from mokocli to all template repos
*/
cli/workflow_sync.php
+128 -4
View File
@@ -10,7 +10,7 @@
* INGROUP: mokocli
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /cli/workflow_sync.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Sync workflows from Generic → platform templates → live repos based on manifest.platform
*/
@@ -42,9 +42,13 @@ class WorkflowSyncCli extends CliFramework
'joomla' => ['deploy-manual.yml'],
];
/** Prefix for custom workflows preserved during orphan cleanup. */
private const CUSTOM_PREFIX = 'custom-';
private int $updated = 0;
private int $created = 0;
private int $skipped = 0;
private int $deleted = 0;
private int $errors = 0;
protected function configure(): void
@@ -56,6 +60,7 @@ class WorkflowSyncCli extends CliFramework
$this->addArgument('--branch', 'Target branch (default: main)', 'main');
$this->addArgument('--phase', 'Phase to run: all, templates, repos (default: all)', 'all');
$this->addArgument('--platform-filter', 'Only sync repos matching this platform', '');
$this->addArgument('--delete-orphans', 'Delete workflows not in template (preserves custom-* and custom/)', false);
}
protected function run(): int
@@ -114,7 +119,7 @@ class WorkflowSyncCli extends CliFramework
echo "\n";
$this->log('INFO', "Done: {$this->created} created, {$this->updated} updated, "
. "{$this->skipped} skipped, {$this->errors} error(s).");
. "{$this->deleted} deleted, {$this->skipped} skipped, {$this->errors} error(s).");
return $this->errors > 0 ? 1 : 0;
}
@@ -275,14 +280,15 @@ class WorkflowSyncCli extends CliFramework
foreach ($workflows as $workflow) {
$filename = $workflow['name'];
$destPath = '.mokogitea/workflows/' . $filename;
$label = "{$repoFullName}/{$filename}";
// Skip platform-excluded workflows
if (in_array($filename, self::PLATFORM_EXCLUDES[$platform] ?? [], true)) {
fprintf(STDERR, "%-45s | %s\n", $label, 'EXCLUDED (platform)');
$this->skipped++;
continue;
}
$destPath = '.mokogitea/workflows/' . $filename;
$label = "{$repoFullName}/{$filename}";
// Get source content from template
$sourceContent = $this->getFileContent(
@@ -303,6 +309,14 @@ class WorkflowSyncCli extends CliFramework
$destPath, $sourceContent, $branch, $commitMsg, $label
);
}
// Delete orphan workflows if enabled
if ($this->getArgument('--delete-orphans', false)) {
$templateNames = array_map(fn($w) => $w['name'], $workflows);
$this->deleteOrphanWorkflows(
$giteaUrl, $token, $org, $repoName, $branch, $templateNames, $platform
);
}
}
echo "\n";
@@ -406,6 +420,116 @@ class WorkflowSyncCli extends CliFramework
}
}
/**
* Delete workflows in a repo that are NOT in the template and NOT custom.
*
* Protected from deletion:
* - Files matching template workflow names
* - Files with `custom-` prefix (convention for repo-specific workflows)
* - Directories named `custom` (future: subfolder discovery)
* - Platform-excluded workflows
*/
private function deleteOrphanWorkflows(
string $giteaUrl,
string $token,
string $org,
string $repoName,
string $branch,
array $templateNames,
string $platform
): void {
$repoWorkflows = $this->listWorkflows($giteaUrl, $token, $org, $repoName, $branch);
if ($repoWorkflows === null) {
return;
}
$platformExcludes = self::PLATFORM_EXCLUDES[$platform] ?? [];
foreach ($repoWorkflows as $workflow) {
$name = $workflow['name'];
// Keep if it's in the template
if (in_array($name, $templateNames, true)) {
continue;
}
// Keep if it has the custom- prefix
if (str_starts_with($name, self::CUSTOM_PREFIX)) {
$label = "{$org}/{$repoName}/{$name}";
fprintf(STDERR, "%-45s | %s\n", $label, 'KEPT (custom)');
continue;
}
// Keep if it's platform-excluded (legitimately skipped during sync)
if (in_array($name, $platformExcludes, true)) {
$label = "{$org}/{$repoName}/{$name}";
fprintf(STDERR, "%-45s | %s\n", $label, 'KEPT (platform-excluded)');
continue;
}
// Delete orphan
$filePath = '.mokogitea/workflows/' . $name;
$label = "{$org}/{$repoName}/{$name}";
if ($this->dryRun) {
fprintf(STDERR, "%-45s | %s\n", $label, 'WOULD DELETE');
$this->deleted++;
continue;
}
$deleted = $this->deleteFile($giteaUrl, $token, $org, $repoName, $filePath, $branch);
if ($deleted) {
fprintf(STDERR, "%-45s | %s\n", $label, 'DELETED');
$this->deleted++;
} else {
fprintf(STDERR, "%-45s | %s\n", $label, 'ERROR (delete)');
$this->errors++;
}
}
}
/**
* Delete a file from a repo via the Gitea Contents API.
*/
private function deleteFile(
string $giteaUrl,
string $token,
string $org,
string $repoName,
string $filePath,
string $branch
): bool {
// Get SHA first
$existing = $this->apiRequest(
$giteaUrl, $token, 'GET',
"/api/v1/repos/{$org}/{$repoName}/contents/{$filePath}?ref={$branch}"
);
if ($existing['code'] !== 200) {
return false;
}
$data = json_decode($existing['body'], true);
$sha = $data['sha'] ?? '';
if ($sha === '') {
return false;
}
$payload = json_encode([
'sha' => $sha,
'message' => "chore: delete orphan workflow {$filePath} [skip ci]",
'branch' => $branch,
]);
$response = $this->apiRequest(
$giteaUrl, $token, 'DELETE',
"/api/v1/repos/{$org}/{$repoName}/contents/{$filePath}",
$payload
);
return $response['code'] === 200;
}
/**
* List workflow files in a repo's .mokogitea/workflows/ directory.
*/
deploy/backup-before-deploy.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: MokoPlatform
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /deploy/backup-before-deploy.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Snapshot Joomla directories before deployment for rollback capability
*/
deploy/deploy-dolibarr.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: MokoPlatform
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /deploy/deploy-dolibarr.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Deploy Dolibarr module files to a remote server via SFTP/rsync
*/
deploy/health-check.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: MokoPlatform
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /deploy/health-check.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Post-deploy health check — verify a Joomla site is responding correctly
*/
deploy/rollback-joomla.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: MokoPlatform
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /deploy/rollback-joomla.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Rollback a Joomla deployment by restoring from a pre-deploy snapshot
*/
deploy/sync-joomla.php
+1 -1
View File
@@ -12,7 +12,7 @@
* INGROUP: MokoPlatform
* REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
* PATH: /deploy/sync-joomla.php
* VERSION: 09.38.00
* VERSION: 09.41.00
* BRIEF: Sync Joomla site directories between two servers via rsync over SSH
*/
lib/Enterprise/RepositorySynchronizer.php
+2 -17
View File
@@ -930,10 +930,10 @@ class RepositorySynchronizer
private const TEMPLATE_REPOS = [
'joomla' => 'MokoConsulting/Template-Joomla',
'waas-component' => 'MokoConsulting/Template-Joomla',
'dolibarr' => 'MokoConsulting/Template-Dolibarr',
'crm-module' => 'MokoConsulting/Template-Dolibarr',
'generic' => 'MokoConsulting/Template-Generic',
'mcp' => 'MokoConsulting/Template-Generic',
'dolibarr' => 'MokoConsulting/Template-Generic',
'crm-module' => 'MokoConsulting/Template-Generic',
'client' => 'MokoConsulting/Template-Client-WaaS',
];
@@ -951,7 +951,6 @@ class RepositorySynchronizer
*/
private const TEMPLATE_SYNC_TARGETS = [
'MokoConsulting/Template-Joomla',
'MokoConsulting/Template-Dolibarr',
'MokoConsulting/Template-Client-WaaS',
];
@@ -1083,20 +1082,6 @@ class RepositorySynchronizer
}
}
// CODEOWNERS — GitHub only; Gitea doesn't enforce it
if ($this->adapter->getPlatformName() === 'github') {
$shared[] = ['templates/mokogitea/CODEOWNERS', '.github/CODEOWNERS'];
}
// Platform-specific gitignore (merged, not replaced)
$gitignoreMap = [
'dolibarr' => 'templates/configs/gitignore.dolibarr',
'platform' => 'templates/configs/gitignore.dolibarr',
'joomla' => 'templates/configs/.gitignore.joomla',
];
$gitignoreTemplate = $gitignoreMap[$platform] ?? 'templates/configs/gitignore';
$shared[] = [$gitignoreTemplate, '.gitignore'];
// Create TODO.md stub if it doesn't exist (gitignored after first commit)
$entries[] = [
'inline_content' => "# TODO\n\n> **Note:** This file is not tracked in "
mcp/servers/mokocrm_api/CONTRIBUTING.md
+1 -1
View File
@@ -14,7 +14,7 @@
DEFGROUP: dolibarr-api-mcp.Documentation
INGROUP: dolibarr-api-mcp
REPO: https://git.mokoconsulting.tech/MokoConsulting/dolibarr-api-mcp
VERSION: 09.38.00
VERSION: 09.41.00
PATH: ./CONTRIBUTING.md
BRIEF: Contribution guidelines for the project
-->
mcp/servers/mokocrm_api/SECURITY.md
+1 -1
View File
@@ -10,7 +10,7 @@ DEFGROUP: dolibarr-api-mcp.Documentation
INGROUP: dolibarr-api-mcp
REPO: https://git.mokoconsulting.tech/MokoConsulting/dolibarr-api-mcp
PATH: /SECURITY.md
VERSION: 09.38.00
VERSION: 09.41.00
BRIEF: Security vulnerability reporting and handling policy
-->
mcp/servers/mokosuite_api/CONTRIBUTING.md
+1 -1
View File
@@ -14,7 +14,7 @@
DEFGROUP:
INGROUP: Project.Documentation
REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoCli-Template-Generic
VERSION: 09.38.00
VERSION: 09.41.00
PATH: ./CONTRIBUTING.md
BRIEF: Contribution guidelines for the project
-->
mcp/servers/mokosuite_api/SECURITY.md
+1 -1
View File
@@ -23,7 +23,7 @@ DEFGROUP: [PROJECT_NAME]
INGROUP: [PROJECT_NAME].Documentation
REPO: [REPOSITORY_URL]
PATH: /SECURITY.md
VERSION: 09.38.00
VERSION: 09.41.00
BRIEF: Security vulnerability reporting and handling policy
-->
templates/client-provision-example.json
-35
View File
@@ -1,35 +0,0 @@
{
"name": "exampleclient",
"org": "ExampleClient",
"gitea_url": "https://git.mokoconsulting.tech",
"variables": {
"DEV_SYNC_HOST": "dev.exampleclient.com",
"DEV_SYNC_PORT": "22",
"DEV_SYNC_USER": "exampleclient",
"DEV_SYNC_PATH": "/home/exampleclient/dev.exampleclient.com",
"DEV_SITE_URL": "https://dev.exampleclient.com",
"LIVE_SSH_HOST": "iad1-shared-b7-01.dreamhost.com",
"LIVE_SSH_PORT": "22",
"LIVE_SSH_USER": "exampleclient",
"LIVE_SYNC_PATH": "/home/exampleclient/exampleclient.com",
"RS_FTP_PATH_SUFFIX": "exampleclient.com"
},
"secrets": {
"DEV_SYNC_KEY": "@keys/exampleclient-dev.pem",
"LIVE_SSH_KEY": "@keys/exampleclient-live.pem"
},
"monitoring": {
"urls": [
"https://exampleclient.com",
"https://dev.exampleclient.com"
],
"domains": [
"exampleclient.com"
],
"grafana_dashboard": "monitoring/grafana/client-joomla-dashboard.json",
"grafana_folder": "Clients"
}
}
templates/config/issue-management-config.yml.template
-63
View File
@@ -1,63 +0,0 @@
# Enterprise Issue Management Configuration Template
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
#
# Deploy to: .github/issue-management-config.yml
version: "1.0.0"
enterprise:
organization:
name: "ORGANIZATION_NAME"
default_assignees:
- "copilot"
projects:
enabled: true
default_project_number: null
auto_add_issues: true
milestones:
enabled: true
auto_assign: true
create_if_missing: true
labels:
priority:
critical:
name: "priority/critical"
color: "d73a4a"
sla_hours: 4
high:
name: "priority/high"
color: "ff9800"
sla_hours: 24
medium:
name: "priority/medium"
color: "fbca04"
sla_hours: 72
automation:
create_on_branch: true
branch_patterns:
- "dev/**"
- "rc/**"
close_on_merge: true
close_on_branch_delete: true
link_prs_to_issues: true
create_sub_tasks_for_prs: true
sla:
enabled: true
timezone: "UTC"
audit:
enabled: true
retention_days: 365
metrics:
enabled: true
error_handling:
retry_on_failure: true
max_retries: 3
templates/configs/.eslintrc.json
-28
View File
@@ -1,28 +0,0 @@
{
"env": {
"browser": true,
"es2021": true,
"node": true
},
"extends": [
"eslint:recommended"
],
"parserOptions": {
"ecmaVersion": "latest",
"sourceType": "module"
},
"rules": {
"indent": ["error", 2],
"linebreak-style": ["error", "unix"],
"quotes": ["error", "single"],
"semi": ["error", "always"],
"no-unused-vars": ["warn"],
"no-console": ["warn", { "allow": ["warn", "error"] }],
"eqeqeq": ["error", "always"],
"curly": ["error", "all"],
"brace-style": ["error", "1tbs"],
"no-trailing-spaces": "error",
"no-multiple-empty-lines": ["error", { "max": 1 }],
"eol-last": ["error", "always"]
}
}
templates/configs/.gitignore.joomla
-220
View File
@@ -1,220 +0,0 @@
# ============================================================
# Local task tracking (not version controlled)
# ============================================================
TODO.md
# ============================================================
# Environment and secrets
# ============================================================
.env
.env.local
.env.*.local
*.local.php
*.secret.php
configuration.php
configuration.*.php
configuration.local.php
conf/conf.php
conf/conf*.php
secrets/
*.secrets.*
# ============================================================
# Logs, dumps and databases
# ============================================================
*.db
*.db-journal
*.dump
*.log
*.pid
*.seed
# ============================================================
# OS / Editor / IDE cruft
# ============================================================
.DS_Store
Thumbs.db
desktop.ini
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
$RECYCLE.BIN/
System Volume Information/
*.lnk
Icon?
.idea/
.settings/
.claude/
.claude-worktree*/
.vscode/*
!.vscode/tasks.json
!.vscode/settings.json.example
!.vscode/extensions.json
*.code-workspace
*.sublime*
.project
.buildpath
.classpath
*.bak
*.swp
*.swo
*.tmp
*.old
*.orig
# ============================================================
# Dev scripts and scratch
# ============================================================
TODO.md
todo*
*ffs*
# ============================================================
# SFTP / sync tools
# ============================================================
sftp-config*.json
sftp-config.json.template
sftp-settings.json
# ============================================================
# Sublime SFTP / FTP sync
# ============================================================
*.sublime-project
*.sublime-workspace
*.sublime-settings
.libsass.json
*.ffs*
# ============================================================
# Replit / cloud IDE
# ============================================================
.replit
replit.md
# ============================================================
# Archives / release artifacts
# ============================================================
*.7z
*.rar
*.tar
*.tar.gz
*.tgz
*.zip
artifacts/
release/
releases/
# ============================================================
# Build outputs and site generators
# ============================================================
.mkdocs-build/
.cache/
.parcel-cache/
build/
dist/
out/
/site/
*.map
*.css.map
*.js.map
*.tsbuildinfo
# ============================================================
# CI / test artifacts
# ============================================================
.coverage
.coverage.*
coverage/
coverage.xml
htmlcov/
junit.xml
reports/
test-results/
tests/_output/
.github/local/
.github/workflows/*.log
# ============================================================
# Node / JavaScript
# ============================================================
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
.pnpm-store/
.yarn/
.npmrc
.eslintcache
package-lock.json
# ============================================================
# PHP / Composer tooling
# ============================================================
/vendor/
!src/media/vendor/
composer.lock
*.phar
codeception.phar
.phpunit.result.cache
.php_cs.cache
.php-cs-fixer.cache
.phpstan.cache
.phplint-cache
phpmd-cache/
.psalm/
.rector/
# ============================================================
# Python
# ============================================================
__pycache__/
*.py[cod]
*.pyc
*$py.class
*.so
.Python
.eggs/
*.egg
*.egg-info/
.installed.cfg
MANIFEST
develop-eggs/
downloads/
eggs/
parts/
sdist/
var/
wheels/
ENV/
env/
.venv/
venv/
.pytest_cache/
.mypy_cache/
.ruff_cache/
.pyright/
.tox/
.nox/
*.cover
*.coverage
hypothesis/
# ============================================================
# Local wiki clone (not version controlled)
# ============================================================
wiki/
# ============================================================
# Joomla runtime / development
# ============================================================
cache/
tmp/
logs/
configuration.php
user.css
user.js
colors_custom.css
modulebuilder.txt
administrator/components/com_akeebabackup/backup/
templates/configs/.htmlhintrc
-22
View File
@@ -1,22 +0,0 @@
{
"extends": "htmlhint:recommended",
"tagname-lowercase": true,
"attr-lowercase": true,
"attr-value-double-quotes": true,
"doctype-first": true,
"tag-pair": true,
"spec-char-escape": true,
"id-unique": true,
"src-not-empty": true,
"attr-no-duplication": true,
"title-require": true,
"alt-require": true,
"doctype-html5": true,
"style-disabled": false,
"inline-style-disabled": false,
"inline-script-disabled": false,
"space-tab-mixed-disabled": "space",
"id-class-ad-disabled": false,
"href-abs-or-rel": false,
"attr-unsafe-chars": true
}
templates/configs/.prettierrc.json
-11
View File
@@ -1,11 +0,0 @@
{
"semi": true,
"trailingComma": "es5",
"singleQuote": true,
"printWidth": 100,
"tabWidth": 2,
"useTabs": false,
"endOfLine": "lf",
"arrowParens": "always",
"bracketSpacing": true
}
templates/configs/.pylintrc
-92
View File
@@ -1,92 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# This file is part of a Moko Consulting project.
#
# SPDX-License-Identifier: GPL-3.0-or-later
# Pylint configuration for MokoCli projects
[MASTER]
# Python code to execute, usually for sys.path manipulation
init-hook='import sys; sys.path.append(".")'
# Use multiple processes to speed up Pylint
jobs=0
# Pickle collected data for later comparisons
persistent=yes
# List of plugins (as comma separated values of python module names)
load-plugins=
# Minimum Python version to use for version dependent checks
py-version=3.8
[MESSAGES CONTROL]
# Disable specific messages
disable=
missing-module-docstring,
missing-function-docstring,
too-few-public-methods,
too-many-arguments,
too-many-locals,
too-many-branches,
too-many-statements,
duplicate-code,
fixme
[REPORTS]
# Set the output format
output-format=text
# Tells whether to display a full report or only the messages
reports=no
# Activate the evaluation score
score=yes
[BASIC]
# Good variable names
good-names=i,j,k,ex,Run,_,id,pk
# Regular expressions for acceptable names
variable-rgx=[a-z_][a-z0-9_]{0,30}$
const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$
class-rgx=[A-Z_][a-zA-Z0-9]+$
function-rgx=[a-z_][a-z0-9_]{1,50}$
method-rgx=[a-z_][a-z0-9_]{1,50}$
[FORMAT]
# Maximum number of characters on a single line
max-line-length=100
# Maximum number of lines in a module
max-module-lines=1000
# String used for indentation
indent-string=' '
[DESIGN]
# Maximum number of arguments for function / method
max-args=7
# Maximum number of attributes for a class
max-attributes=10
[IMPORTS]
# Deprecated modules which should not be used
deprecated-modules=optparse,imp
[CLASSES]
# List of method names used to declare instance attributes
defining-attr-methods=__init__,__new__,setUp
# List of valid names for the first argument in a class method
valid-classmethod-first-arg=cls
# List of valid names for the first argument in a metaclass class method
valid-metaclass-classmethod-first-arg=mcs
[EXCEPTIONS]
# Exceptions that will emit a warning when caught
overgeneral-exceptions=builtins.Exception
templates/configs/README.md
-306
View File
@@ -1,306 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
# FILE INFORMATION
DEFGROUP: MokoPlatform.Templates
INGROUP: MokoPlatform
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/configs/README.md
BRIEF: Code quality and security tool configuration templates
-->
# Code Quality Configuration Templates
This directory contains standardized configuration files for code quality, linting, and security tools used across mokocli projects.
## Available Configurations
### PHP Tools
#### `phpcs.xml` - PHP_CodeSniffer
**Purpose**: Enforce PHP coding standards (PSR-12 based)
**Usage**:
```bash
# Copy to your project root
cp phpcs.xml /path/to/your/project/
# Run PHPCS
phpcs --standard=phpcs.xml src/
# Auto-fix issues
phpcbf --standard=phpcs.xml src/
```
**Features**:
- PSR-12 compliance
- Line length limits (120 chars)
- Forbidden functions detection (eval, var_dump, etc.)
- Commented-out code detection
#### `phpstan.neon` - PHPStan
**Purpose**: Static analysis for PHP code
**Usage**:
```bash
# Copy to your project root
cp phpstan.neon /path/to/your/project/
# Install PHPStan
composer require --dev phpstan/phpstan
# Run analysis
phpstan analyse
```
**Configuration**:
- Level 5 analysis (adjust as needed)
- Checks for type errors, dead code, and more
- Configurable ignore patterns
#### `psalm.xml` - Psalm
**Purpose**: Advanced static analysis for PHP
**Usage**:
```bash
# Copy to your project root
cp psalm.xml /path/to/your/project/
# Install Psalm
composer require --dev vimeo/psalm
# Initialize and run
psalm --init
psalm
```
**Configuration**:
- Error level 4 (balanced strictness)
- Finds unused code (optional)
- Customizable issue handlers
### JavaScript/TypeScript Tools
#### `.eslintrc.json` - ESLint
**Purpose**: Identify and fix JavaScript code issues
**Usage**:
```bash
# Copy to your project root
cp .eslintrc.json /path/to/your/project/
# Install ESLint
npm install --save-dev eslint
# Run linting
npx eslint .
# Auto-fix issues
npx eslint . --fix
```
**Features**:
- ES2021 support
- Tab indentation (2-space visual width)
- Unix line endings
- Single quotes for strings
- Semicolon enforcement
#### `.prettierrc.json` - Prettier
**Purpose**: Opinionated code formatter for JavaScript/TypeScript
**Usage**:
```bash
# Copy to your project root
cp .prettierrc.json /path/to/your/project/
# Install Prettier
npm install --save-dev prettier
# Check formatting
npx prettier --check .
# Auto-format
npx prettier --write .
```
**Configuration**:
- 100 character line width
- Single quotes
- Trailing commas (ES5)
- Tab indentation (2-space visual width)
### Python Tools
#### `.pylintrc` - Pylint
**Purpose**: Python code analysis and style checking
**Usage**:
```bash
# Copy to your project root
cp .pylintrc /path/to/your/project/
# Install Pylint
pip install pylint
# Run analysis
pylint **/*.py
```
**Features**:
- PEP 8 compliance
- 100 character line limit
- Configurable message disabling
- Custom naming conventions
#### `pyproject.toml` - Python Project Configuration
**Purpose**: Unified configuration for Black, isort, mypy, and pytest
**Usage**:
```bash
# Copy to your project root
cp pyproject.toml /path/to/your/project/
# Install tools
pip install black isort mypy pytest pytest-cov
# Run Black formatter
black .
# Sort imports with isort
isort .
# Type check with mypy
mypy src/
# Run tests with coverage
pytest --cov=src
```
**Tools Configured**:
- **Black**: Opinionated Python formatter
- **isort**: Import statement sorter
- **mypy**: Static type checker
- **pytest**: Test framework
- **coverage**: Code coverage measurement
### HTML Tools
#### `.htmlhintrc` - HTMLHint
**Purpose**: HTML5 validation and best practices
**Usage**:
```bash
# Copy to your project root
cp .htmlhintrc /path/to/your/project/
# Install HTMLHint
npm install -g htmlhint
# Run validation
htmlhint **/*.html
```
**Features**:
- HTML5 doctype validation
- Tag and attribute validation
- Accessibility checks (alt, title requirements)
- Style and script validation
## Integration with GitHub Actions
All these tools are integrated into the `code-quality.yml` workflow template. To use:
1. **Copy the workflow**:
```bash
cp templates/workflows/code-quality.yml.template .github/workflows/code-quality.yml
```
2. **Copy relevant config files**:
```bash
# For PHP projects
cp templates/configs/phpcs.xml .
cp templates/configs/phpstan.neon .
# For JavaScript projects
cp templates/configs/.eslintrc.json .
cp templates/configs/.prettierrc.json .
# For Python projects
cp templates/configs/.pylintrc .
cp templates/configs/pyproject.toml .
# For HTML projects
cp templates/configs/.htmlhintrc .
```
3. **Customize for your project**: Adjust tool configurations based on your specific requirements
## Tool Installation
### PHP
```bash
# Via Composer
composer require --dev squizlabs/php_codesniffer phpstan/phpstan vimeo/psalm
```
### JavaScript/TypeScript
```bash
# Via npm
npm install --save-dev eslint prettier @typescript-eslint/parser @typescript-eslint/eslint-plugin
```
### Python
```bash
# Via pip
pip install pylint black mypy isort pytest pytest-cov
```
### HTML
```bash
# Via npm (global)
npm install -g htmlhint
```
## Configuration Customization
Each configuration file can be customized for your project:
1. **Adjust severity levels**: Change error levels to match your team's standards
2. **Add ignore patterns**: Exclude specific files or directories
3. **Enable/disable rules**: Fine-tune which checks are active
4. **Set code style preferences**: Modify indentation, line length, etc.
## Security Best Practices
These configurations include security-focused rules:
- **PHP**: Forbidden functions (eval, create_function)
- **JavaScript**: No console.log in production
- **Python**: Import security patterns
- **HTML**: XSS prevention patterns
## CI/CD Integration
These tools work seamlessly with:
- GitHub Actions (see workflow templates)
- GitLab CI
- Jenkins
- CircleCI
- Travis CI
## Support and Updates
Configuration templates are maintained in the mokocli repository:
- **Repository**: https://git.mokoconsulting.tech/MokoConsulting/mokocli
- **Documentation**: https://git.mokoconsulting.tech/MokoConsulting/mokocli/tree/main/docs
- **Issues**: Report problems or suggest improvements via GitHub Issues
## Version History
- **v1.0.0** (2026-01): Initial release with PHP, JavaScript, Python, and HTML configurations
templates/configs/composer.dolibarr.json
-55
View File
@@ -1,55 +0,0 @@
{
"name": "mokoconsulting-tech/{{repo_name_lower}}",
"description": "{{repo_name}} Dolibarr module by Moko Consulting",
"type": "dolibarr-module",
"version": "01.00.00",
"license": "GPL-3.0-or-later",
"authors": [
{
"name": "Moko Consulting",
"email": "hello@mokoconsulting.tech"
}
],
"minimum-stability": "dev",
"prefer-stable": true,
"require": {
"php": ">=8.1",
"mokoconsulting-tech/enterprise": "dev-version/04.02.00"
},
"require-dev": {
"phpunit/phpunit": "^10.5",
"phpstan/phpstan": "^2.0",
"squizlabs/php_codesniffer": "^4.0"
},
"autoload": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\Tests\\": "tests/"
}
},
"repositories": [
{
"type": "vcs",
"url": "https://git.mokoconsulting.tech/mokoconsulting-tech/MokoCli-API"
}
],
"config": {
"sort-packages": true,
"optimize-autoloader": true,
"preferred-install": "dist",
"allow-plugins": {
"composer/installers": true
}
},
"scripts": {
"validate-module": "vendor/bin/validate-module --path .",
"build": "vendor/bin/build-package --path .",
"test": "phpunit",
"phpcs": "phpcs --standard=vendor/mokoconsulting-tech/enterprise/phpcs.xml src/",
"phpstan": "phpstan analyse -c phpstan.neon src/"
}
}
templates/configs/composer.generic.json
-51
View File
@@ -1,51 +0,0 @@
{
"name": "mokoconsulting-tech/{{repo_name_lower}}",
"description": "{{repo_name}} library by Moko Consulting",
"type": "library",
"version": "01.00.00",
"license": "GPL-3.0-or-later",
"authors": [
{
"name": "Moko Consulting",
"email": "hello@mokoconsulting.tech"
}
],
"minimum-stability": "stable",
"prefer-stable": true,
"require": {
"php": ">=8.1",
"mokoconsulting-tech/enterprise": "dev-version/04.02.00"
},
"require-dev": {
"phpunit/phpunit": "^10.5",
"phpstan/phpstan": "^2.0",
"squizlabs/php_codesniffer": "^4.0"
},
"autoload": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\Tests\\": "tests/"
}
},
"repositories": [
{
"type": "vcs",
"url": "https://git.mokoconsulting.tech/mokoconsulting-tech/MokoCli-API"
}
],
"config": {
"sort-packages": true,
"optimize-autoloader": true,
"preferred-install": "dist"
},
"scripts": {
"validate": "vendor/bin/validate-structure --path .",
"test": "phpunit",
"phpcs": "phpcs --standard=vendor/mokoconsulting-tech/enterprise/phpcs.xml src/",
"phpstan": "phpstan analyse -c vendor/mokoconsulting-tech/enterprise/phpstan.neon src/"
}
}
templates/configs/composer.joomla.json
-55
View File
@@ -1,55 +0,0 @@
{
"name": "mokoconsulting-tech/{{repo_name_lower}}",
"description": "{{repo_name}} Joomla component by Moko Consulting",
"type": "joomla-component",
"version": "01.00.00",
"license": "GPL-3.0-or-later",
"authors": [
{
"name": "Moko Consulting",
"email": "hello@mokoconsulting.tech"
}
],
"minimum-stability": "stable",
"prefer-stable": true,
"require": {
"php": ">=8.1",
"mokoconsulting-tech/enterprise": "dev-version/04.02.00"
},
"require-dev": {
"phpunit/phpunit": "^10.5",
"phpstan/phpstan": "^2.0",
"squizlabs/php_codesniffer": "^4.0"
},
"autoload": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"MokoConsulting\\{{repo_name}}\\Tests\\": "tests/"
}
},
"repositories": [
{
"type": "vcs",
"url": "https://git.mokoconsulting.tech/mokoconsulting-tech/MokoCli-API"
}
],
"config": {
"sort-packages": true,
"optimize-autoloader": true,
"preferred-install": "dist",
"allow-plugins": {
"composer/installers": true
}
},
"scripts": {
"validate-manifest": "vendor/bin/validate-manifest --path .",
"build": "vendor/bin/build-package --path .",
"test": "phpunit",
"phpcs": "phpcs --standard=vendor/mokoconsulting-tech/enterprise/phpcs.xml src/",
"phpstan": "phpstan analyse -c phpstan.neon src/"
}
}
templates/configs/ftpignore
-47
View File
@@ -1,47 +0,0 @@
# .ftpignore — FTP/SFTP upload exclusion rules
# Syntax mirrors .gitignore: blank lines and # comments are ignored,
# * matches within a path segment, ** matches across segments, ? matches one char.
# A leading / anchors to the upload root; a trailing / matches directories only.
# Negation (!) is not supported.
#
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
# ── Version-control metadata ──────────────────────────────────────────────────
.git/
.gitignore
.gitkeep
.gitattributes
.gitmodules
# ── CI / editor / tooling artefacts ──────────────────────────────────────────
.github/
.editorconfig
.yamllint
.phpcs.xml
.phpstan.neon
.psalm.xml
.mokostandards
# ── Dependency directories ────────────────────────────────────────────────────
vendor/
node_modules/
# ── Build / cache / temp ──────────────────────────────────────────────────────
build/
dist/
*.log
*.tmp
*.cache
# ── Secrets & local config (HARDCODED DENY — never deploy these) ─────────────
.env
.env.*
sftp-config*.json
sftp-config.json.template
scripts/sftp-config/
scripts/keys/
*.ppk
*.pem
*.key
.ftpignore
templates/configs/gitignore
-208
View File
@@ -1,208 +0,0 @@
# ============================================================
# Local task tracking (not version controlled)
# ============================================================
TODO.md
# ============================================================
# Environment and secrets
# ============================================================
.env
.env.local
.env.*.local
*.local.php
*.secret.php
configuration.php
configuration.*.php
configuration.local.php
conf/conf.php
conf/conf*.php
secrets/
*.secrets.*
# ============================================================
# Logs, dumps and databases
# ============================================================
*.db
*.db-journal
*.dump
*.log
*.pid
*.seed
# ============================================================
# OS / Editor / IDE cruft
# ============================================================
.DS_Store
Thumbs.db
desktop.ini
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
$RECYCLE.BIN/
System Volume Information/
*.lnk
Icon?
.idea/
.settings/
.claude/
.claude-worktree*/
.vscode/*
!.vscode/tasks.json
!.vscode/settings.json.example
!.vscode/extensions.json
*.code-workspace
*.sublime*
.project
.buildpath
.classpath
*.bak
*.swp
*.swo
*.tmp
*.old
*.orig
# ============================================================
# Dev scripts and scratch
# ============================================================
TODO.md
todo*
*ffs*
# ============================================================
# SFTP / sync tools
# ============================================================
sftp-config*.json
sftp-config.json.template
sftp-settings.json
# ============================================================
# Sublime SFTP / FTP sync
# ============================================================
*.sublime-project
*.sublime-workspace
*.sublime-settings
.libsass.json
*.ffs*
# ============================================================
# Replit / cloud IDE
# ============================================================
.replit
replit.md
# ============================================================
# Archives / release artifacts
# ============================================================
*.7z
*.rar
*.tar
*.tar.gz
*.tgz
*.zip
artifacts/
release/
releases/
# ============================================================
# Build outputs and site generators
# ============================================================
.mkdocs-build/
.cache/
.parcel-cache/
build/
dist/
out/
/site/
*.map
*.css.map
*.js.map
*.tsbuildinfo
# ============================================================
# CI / test artifacts
# ============================================================
.coverage
.coverage.*
coverage/
coverage.xml
htmlcov/
junit.xml
reports/
test-results/
tests/_output/
.github/local/
.github/workflows/*.log
# ============================================================
# Node / JavaScript
# ============================================================
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
.pnpm-store/
.yarn/
.npmrc
.eslintcache
package-lock.json
# ============================================================
# PHP / Composer tooling
# ============================================================
/vendor/
!src/media/vendor/
composer.lock
*.phar
codeception.phar
.phpunit.result.cache
.php_cs.cache
.php-cs-fixer.cache
.phpstan.cache
.phplint-cache
phpmd-cache/
.psalm/
.rector/
# ============================================================
# Python
# ============================================================
__pycache__/
*.py[cod]
*.pyc
*$py.class
*.so
.Python
.eggs/
*.egg
*.egg-info/
.installed.cfg
MANIFEST
develop-eggs/
downloads/
eggs/
parts/
sdist/
var/
wheels/
ENV/
env/
.venv/
venv/
.pytest_cache/
.mypy_cache/
.ruff_cache/
.pyright/
.tox/
.nox/
*.cover
*.coverage
hypothesis/
# ============================================================
# Local wiki clone (not version controlled)
# ============================================================
wiki/
templates/configs/gitignore.dolibarr
-225
View File
@@ -1,225 +0,0 @@
# ============================================================
# Local task tracking (not version controlled)
# ============================================================
TODO.md
# ============================================================
# Environment and secrets
# ============================================================
.env
.env.local
.env.*.local
*.local.php
*.secret.php
configuration.php
configuration.*.php
configuration.local.php
conf/conf.php
conf/conf*.php
secrets/
*.secrets.*
# ============================================================
# Logs, dumps and databases
# ============================================================
*.db
*.db-journal
*.dump
*.log
*.pid
*.seed
# ============================================================
# OS / Editor / IDE cruft
# ============================================================
.DS_Store
Thumbs.db
desktop.ini
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
$RECYCLE.BIN/
System Volume Information/
*.lnk
Icon?
.idea/
.settings/
.claude/
.claude-worktree*/
.vscode/*
!.vscode/tasks.json
!.vscode/settings.json.example
!.vscode/extensions.json
*.code-workspace
*.sublime*
.project
.buildpath
.classpath
*.bak
*.swp
*.swo
*.tmp
*.old
*.orig
# ============================================================
# Dev scripts and scratch
# ============================================================
TODO.md
todo*
*ffs*
# ============================================================
# SFTP / sync tools
# ============================================================
sftp-config*.json
sftp-config.json.template
sftp-settings.json
# ============================================================
# Sublime SFTP / FTP sync
# ============================================================
*.sublime-project
*.sublime-workspace
*.sublime-settings
.libsass.json
*.ffs*
# ============================================================
# Replit / cloud IDE
# ============================================================
.replit
replit.md
# ============================================================
# Archives / release artifacts
# ============================================================
*.7z
*.rar
*.tar
*.tar.gz
*.tgz
*.zip
artifacts/
release/
releases/
# ============================================================
# Build outputs and site generators
# ============================================================
.mkdocs-build/
.cache/
.parcel-cache/
build/
dist/
out/
site/
*.map
*.css.map
*.js.map
*.tsbuildinfo
# ============================================================
# CI / test artifacts
# ============================================================
.coverage
.coverage.*
coverage/
coverage.xml
htmlcov/
junit.xml
reports/
test-results/
tests/_output/
.github/local/
.github/workflows/*.log
# ============================================================
# Node / JavaScript
# ============================================================
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
.pnpm-store/
.yarn/
.npmrc
.eslintcache
package-lock.json
# ============================================================
# PHP / Composer tooling
# ============================================================
/vendor/
!src/media/vendor/
composer.lock
*.phar
codeception.phar
.phpunit.result.cache
.php_cs.cache
.php-cs-fixer.cache
.phpstan.cache
.phplint-cache
phpmd-cache/
.psalm/
.rector/
# ============================================================
# Python
# ============================================================
__pycache__/
*.py[cod]
*.pyc
*$py.class
*.so
.Python
.eggs/
*.egg
*.egg-info/
.installed.cfg
MANIFEST
develop-eggs/
downloads/
eggs/
parts/
sdist/
var/
wheels/
ENV/
env/
.venv/
venv/
.pytest_cache/
.mypy_cache/
.ruff_cache/
.pyright/
.tox/
.nox/
*.cover
*.coverage
hypothesis/
# ============================================================
# Local wiki clone (not version controlled)
# ============================================================
wiki/
# ============================================================
# Dolibarr runtime / data
# ============================================================
documents/
dolibarr_documents/
uploads/
thumbs/
data/
cache/
temp/
tmp/
logs/
htdocs/documents/
htdocs/cache/
htdocs/tmp/
htdocs/logs/
conf/conf.php
templates/configs/index.md
-43
View File
@@ -1,43 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Configs
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/configs/index.md
BRIEF: Configuration templates directory index
-->
# Code Quality Configuration Templates
Standardized configuration files for code quality and security tools.
## Available Configurations
### PHP
- `phpcs.xml` - PHP_CodeSniffer (PSR-12)
- `phpstan.neon` - PHPStan static analysis
- `psalm.xml` - Psalm advanced analysis
### JavaScript/TypeScript
- `.eslintrc.json` - ESLint linting
- `.prettierrc.json` - Prettier formatting
### Python
- `.pylintrc` - Pylint analysis
- `pyproject.toml` - Black, isort, mypy, pytest
### HTML
- `.htmlhintrc` - HTMLHint validation
## Quick Start
```bash
# Copy configuration for your language
cp templates/configs/.eslintrc.json .
cp templates/configs/phpcs.xml .
cp templates/configs/.pylintrc .
```
See [README.md](README.md) for detailed documentation.
templates/configs/manifest.xml.template
-38
View File
@@ -1,38 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Templates.Config
INGROUP: MokoPlatform.Templates
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/configs/manifest.xml.template
BRIEF: XML manifest template — synced to .mokogitea/manifest.xml in every governed repository
NOTE: This template is a reference only. The bulk sync generates XML via MokoCliParser::generate().
mokocli Repository Manifest
Auto-generated by mokocli bulk sync.
Manual edits to <governance> and <last-synced> may be overwritten.
See: docs/standards/manifest-file-spec.md
-->
<mokocli xmlns="https://standards.mokoconsulting.tech/mokocli/1.0"
schema-version="1.0">
<identity>
<name>{{REPO_NAME}}</name>
<org>{{org}}</org>
<description>{{REPO_DESCRIPTION}}</description>
<license spdx="GPL-3.0-or-later">GNU General Public License v3</license>
</identity>
<governance>
<platform>{{platform}}</platform>
<standards-version>{{standards_version}}</standards-version>
<standards-source>https://git.mokoconsulting.tech/MokoConsulting/mokocli</standards-source>
</governance>
<build>
<language>{{PRIMARY_LANGUAGE}}</language>
</build>
</mokocli>
templates/configs/manifest.yml.template
-19
View File
@@ -1,19 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
# FILE INFORMATION
# DEFGROUP: MokoPlatform.Templates.Config
# INGROUP: MokoPlatform.Templates
# REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
# PATH: /templates/configs/manifest.yml.template
# BRIEF: Governance attachment template — synced to .mokogitea/manifest.xml in every governed repository
# NOTE: Tokens replaced at sync time: {{org}}, {{repo_name}}, {{platform}}, {{standards_version}}
#
# This file is managed automatically by mokocli bulk sync.
# Do not edit manually — changes will be overwritten on the next sync.
# To update governance settings, open a PR in mokocli instead:
# https://git.mokoconsulting.tech/MokoConsulting/mokocli
standards_source: "https://git.mokoconsulting.tech/MokoConsulting/mokocli"
standards_version: "{{standards_version}}"
platform: "{{platform}}"
governed_repo: "{{org}}/{{repo_name}}"
templates/configs/mokostandards.xml.template
-38
View File
@@ -1,38 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Templates.Config
INGROUP: MokoPlatform.Templates
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/configs/manifest.xml.template
BRIEF: XML manifest template — synced to .mokogitea/manifest.xml in every governed repository
NOTE: This template is a reference only. The bulk sync generates XML via MokoCliParser::generate().
mokocli Repository Manifest
Auto-generated by mokocli bulk sync.
Manual edits to <governance> and <last-synced> may be overwritten.
See: docs/standards/manifest-file-spec.md
-->
<mokocli xmlns="https://git.mokoconsulting.tech/MokoConsulting/mokocli"
schema-version="1.0">
<identity>
<name>{{REPO_NAME}}</name>
<org>{{org}}</org>
<description>{{REPO_DESCRIPTION}}</description>
<license spdx="GPL-3.0-or-later">GNU General Public License v3</license>
</identity>
<governance>
<platform>{{platform}}</platform>
<standards-version>{{standards_version}}</standards-version>
<standards-source>https://git.mokoconsulting.tech/MokoConsulting/mokocli</standards-source>
</governance>
<build>
<language>{{PRIMARY_LANGUAGE}}</language>
</build>
</mokocli>
templates/configs/mokostandards.yml.template
-19
View File
@@ -1,19 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
# FILE INFORMATION
# DEFGROUP: MokoPlatform.Templates.Config
# INGROUP: MokoPlatform.Templates
# REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
# PATH: /templates/configs/moko-standards.yml.template
# BRIEF: Governance attachment template — synced to .mokostandards in every governed repository
# NOTE: Tokens replaced at sync time: {{org}}, {{repo_name}}, {{platform}}, {{standards_version}}
#
# This file is managed automatically by mokocli bulk sync.
# Do not edit manually — changes will be overwritten on the next sync.
# To update governance settings, open a PR in mokocli instead:
# https://git.mokoconsulting.tech/MokoConsulting/mokocli
standards_source: "https://git.mokoconsulting.tech/MokoConsulting/mokocli"
standards_version: "{{standards_version}}"
platform: "{{platform}}"
governed_repo: "{{org}}/{{repo_name}}"
templates/configs/pa11yci.json
-22
View File
@@ -1,22 +0,0 @@
{
"defaults": {
"standard": "WCAG2AA",
"timeout": 30000,
"wait": 1000,
"ignore": [],
"chromeLaunchConfig": {
"args": [
"--no-sandbox",
"--disable-setuid-sandbox"
]
}
},
"urls": [
{
"url": "http://localhost:8080/",
"actions": []
}
],
"concurrency": 2,
"useIncognitoBrowserContext": true
}
templates/configs/phpcs.xml
-54
View File
@@ -1,54 +0,0 @@
<?xml version="1.0"?>
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
-->
<ruleset name="mokocli PHP Coding Standards">
<description>PHP_CodeSniffer configuration for mokocli projects</description>
<!-- Files to check -->
<file>src</file>
<file>tests</file>
<!-- Exclude vendor and other dependencies -->
<exclude-pattern>*/vendor/*</exclude-pattern>
<exclude-pattern>*/node_modules/*</exclude-pattern>
<exclude-pattern>*/.git/*</exclude-pattern>
<!-- Use PSR-12 as base standard -->
<rule ref="PSR12"/>
<!-- Additional rules -->
<rule ref="Generic.Arrays.DisallowLongArraySyntax"/>
<rule ref="Generic.CodeAnalysis.EmptyStatement"/>
<rule ref="Generic.CodeAnalysis.UnconditionalIfStatement"/>
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier"/>
<rule ref="Generic.Files.LineLength">
<properties>
<property name="lineLimit" value="120"/>
<property name="absoluteLineLimit" value="150"/>
</properties>
</rule>
<rule ref="Generic.PHP.ForbiddenFunctions">
<properties>
<property name="forbiddenFunctions" type="array">
<element key="eval" value="null"/>
<element key="create_function" value="null"/>
<element key="var_dump" value="null"/>
<element key="print_r" value="null"/>
</property>
</properties>
</rule>
<rule ref="Squiz.PHP.CommentedOutCode"/>
<rule ref="Squiz.WhiteSpace.SuperfluousWhitespace"/>
<!-- Show progress and use colors -->
<arg value="p"/>
<arg name="colors"/>
<!-- Show sniff codes in all reports -->
<arg value="s"/>
</ruleset>
templates/configs/phpstan.dolibarr.neon
-39
View File
@@ -1,39 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
#
# PHPStan configuration for Dolibarr module repositories.
# Extends the base MokoCli config and adds Dolibarr class stubs
# so PHPStan can resolve CommonObject, DoliDB, Conf, User, etc.
# without requiring a full Dolibarr installation.
parameters:
level: 5
paths:
- src
excludePaths:
- vendor
- node_modules
# Dolibarr class stubs — resolved via the enterprise package from vendor/
stubFiles:
- vendor/mokoconsulting-tech/enterprise/templates/stubs/dolibarr.php
# Suppress errors that are structural in Dolibarr's dynamic architecture
ignoreErrors:
# Dolibarr uses dynamic properties heavily (pre-PHP 8.2 pattern)
- '#Access to an undefined property [A-Za-z]+::\$#'
# Module descriptors use magic property assignment in __construct
- '#Variable \$[a-z]+ might not be defined\.#'
# Common Dolibarr globals declared at script entry point
dynamicConstantNames:
- DOL_DOCUMENT_ROOT
- DOL_URL_ROOT
- DOL_VERSION
- MAIN_DB_PREFIX
reportUnmatchedIgnoredErrors: false
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
templates/configs/phpstan.joomla.neon
-32
View File
@@ -1,32 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
# SPDX-License-Identifier: GPL-3.0-or-later
#
# PHPStan configuration for Joomla extension repositories.
# Extends the base MokoCli config and adds Joomla framework class stubs
# so PHPStan can resolve Factory, CMSApplication, User, Table, etc.
# without requiring a full Joomla installation.
parameters:
level: 5
paths:
- src
excludePaths:
- vendor
- node_modules
# Joomla framework stubs — resolved via the enterprise package from vendor/
stubFiles:
- vendor/mokoconsulting-tech/enterprise/templates/stubs/joomla.php
# Suppress errors that are structural in Joomla's service-container architecture
ignoreErrors:
# Joomla's service-based dependency injection returns mixed from getApplication()
- '#Cannot call method .+ on Joomla\\CMS\\Application\\CMSApplication\|null#'
# Factory::getX() patterns are safe at runtime even when nullable in stubs
- '#Call to static method [a-zA-Z]+\(\) on an interface#'
reportUnmatchedIgnoredErrors: false
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
templates/configs/phpstan.neon
-35
View File
@@ -1,35 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# This file is part of a Moko Consulting project.
#
# SPDX-License-Identifier: GPL-3.0-or-later
# PHPStan configuration for MokoCli projects
parameters:
level: 5
paths:
- src
- tests
excludePaths:
- vendor
- node_modules
# Report unknown classes and functions
reportUnmatchedIgnoredErrors: false
# Check for dead code
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
# Additional checks
checkAlwaysTrueCheckTypeFunctionCall: true
checkAlwaysTrueInstanceof: true
checkAlwaysTrueStrictComparison: true
checkExplicitMixedMissingReturn: true
checkFunctionNameCase: true
checkInternalClassCaseSensitivity: true
# Ignore common patterns
ignoreErrors:
# Add project-specific ignores here
# - '#Call to an undefined method#'
templates/configs/psalm.xml
-34
View File
@@ -1,34 +0,0 @@
<?xml version="1.0"?>
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
-->
<psalm
errorLevel="4"
resolveFromConfigFile="true"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="https://getpsalm.org/schema/config"
xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
findUnusedBaselineEntry="true"
findUnusedCode="false"
>
<projectFiles>
<directory name="src" />
<directory name="tests" />
<ignoreFiles>
<directory name="vendor" />
<directory name="node_modules" />
</ignoreFiles>
</projectFiles>
<issueHandlers>
<UnusedVariable>
<errorLevel type="suppress">
<directory name="tests" />
</errorLevel>
</UnusedVariable>
</issueHandlers>
</psalm>
templates/configs/pyproject.toml
-85
View File
@@ -1,85 +0,0 @@
# Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
#
# This file is part of a Moko Consulting project.
#
# SPDX-License-Identifier: GPL-3.0-or-later
# Python project configuration for MokoCli projects
[tool.black]
line-length = 100
target-version = ['py38', 'py39', 'py310', 'py311']
include = '\.pyi?$'
exclude = '''
/(
\.git
| \.venv
| venv
| \.eggs
| \.tox
| build
| dist
| __pycache__
| node_modules
)/
'''
[tool.isort]
profile = "black"
line_length = 100
multi_line_output = 3
include_trailing_comma = true
force_grid_wrap = 0
use_parentheses = true
ensure_newline_before_comments = true
[tool.mypy]
python_version = "3.8"
warn_return_any = true
warn_unused_configs = true
disallow_untyped_defs = false
disallow_incomplete_defs = false
check_untyped_defs = true
disallow_untyped_calls = false
disallow_untyped_decorators = false
no_implicit_optional = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_no_return = true
warn_unreachable = true
strict_equality = true
ignore_missing_imports = true
[[tool.mypy.overrides]]
module = "tests.*"
disallow_untyped_defs = false
[tool.pytest.ini_options]
minversion = "6.0"
addopts = "-ra -q --strict-markers"
testpaths = [
"tests",
]
python_files = "test_*.py"
python_classes = "Test*"
python_functions = "test_*"
[tool.coverage.run]
source = ["src"]
omit = [
"*/tests/*",
"*/__pycache__/*",
"*/venv/*",
"*/.venv/*",
]
[tool.coverage.report]
exclude_lines = [
"pragma: no cover",
"def __repr__",
"raise AssertionError",
"raise NotImplementedError",
"if __name__ == .__main__.:",
"if TYPE_CHECKING:",
"@abstractmethod",
]
templates/configs/renovate.json
-26
View File
@@ -1,26 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
"schedule:weekly",
":disableDependencyDashboard"
],
"labels": ["dependencies"],
"automerge": false,
"platformAutomerge": false,
"rangeStrategy": "bump",
"packageRules": [
{
"matchUpdateTypes": ["patch"],
"automerge": true
},
{
"matchManagers": ["composer"],
"enabled": true
},
{
"matchManagers": ["npm"],
"enabled": true
}
]
}
templates/docs/README.md
-117
View File
@@ -1,117 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/README.md
BRIEF: Documentation templates README
-->
# Documentation Templates
## Purpose
This directory contains governed documentation templates for the mokocli organization. These templates ensure consistency, completeness, and compliance across all documentation artifacts.
## Intended Use
Use these templates when:
- Creating new documentation files
- Establishing documentation in new repositories
- Ensuring compliance with documentation standards
- Maintaining consistency across projects
## Instructions
### Template Categories
Templates are organized into two categories:
1. **Required Templates** - `/templates/docs/required/`
- Mandatory documentation files for all repositories
- Must be present and maintained
- Subject to compliance review
2. **Extra Templates** - `/templates/docs/extra/`
- Optional documentation files
- Recommended for specific use cases
- Enhance documentation quality
### Using Templates
To use a template:
1. Navigate to appropriate template category (required or extra)
2. Copy the template file to your target location
3. Rename the file removing the `template-` prefix
4. Replace all placeholder content with actual information
5. Complete all required fields
6. Remove example sections or mark them explicitly as examples
7. Follow the template instructions section
8. Validate against Document Formatting Policy
### Template Maintenance
Templates are governed assets and must:
- Follow Document Formatting Policy requirements
- Include all required sections for templates
- Contain no production data
- Use placeholder values only
- Be reviewed per governance schedule
- Have Project task entries
## Required Fields
When using templates, ensure these fields are completed:
- All section headers and content
- Metadata fields specific to the document
- Revision history
- Purpose and scope statements
- Responsibilities and governance rules (where applicable)
## Example Usage
### Creating a New Repository README
```bash
# Copy template to target location
cp /templates/docs/required/template-README.md /path/to/repo/README.md
# Edit the file
# - Replace "[Repository Name]" with actual repository name
# - Complete all sections
# - Update metadata
# - Customize content for your repository
```
### Creating a New Policy Document
```bash
# Use policy template structure
# Follow /docs/policy/ examples
# Ensure all mandatory policy sections included
# Obtain required approvals per policy
```
## Metadata
- **Document Type:** overview
- **Document Subtype:** catalog
- **Owner Role:** Documentation Owner
- **Approval Required:** No
- **Evidence Required:** Yes
- **Review Cycle:** Annual
- **Retention:** Indefinite
- **Compliance Tags:** Governance
- **Status:** Published
## Revision History
- Initial template catalog established
- Template categories and usage instructions defined
- Template maintenance requirements documented
templates/docs/extra/README.md
-200
View File
@@ -1,200 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs.Extra
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/extra/README.md
BRIEF: Extra documentation templates README
-->
# Extra Documentation Templates
## Purpose
This directory contains optional documentation templates that enhance repository documentation quality and completeness. These templates are recommended but not mandatory, providing additional documentation capabilities beyond baseline requirements.
## Intended Use
Use these templates when:
- Enhanced documentation is beneficial
- Specific use cases require additional documentation
- Improving documentation beyond minimum requirements
- Addressing stakeholder needs for additional information
- Meeting specific project or compliance needs
## Instructions
### Optional Templates
Extra templates provide documentation for:
1. **Code of Conduct** - Community behavior guidelines
2. **Security Policy** - Security reporting and disclosure
3. **Support Documentation** - Support channels and procedures
4. **Governance Documents** - Decision-making and authority
5. **Additional Technical Documentation** - Architecture, design, API docs
### Template Selection
Choose extra templates based on:
- **Project Size** - Larger projects benefit from comprehensive documentation
- **Community Size** - Projects with external contributors need governance docs
- **Security Requirements** - Security-sensitive projects need security policy
- **Stakeholder Needs** - Specific stakeholder requirements
- **Compliance Requirements** - Regulatory or audit requirements
### Template Usage
For each extra template:
1. Determine if template is needed for your project
2. Copy the template file from this directory
3. Rename removing the `template-` prefix
4. Place in appropriate repository location
5. Complete all sections
6. Replace all placeholder values
7. Customize for your project context
8. Create Project task if document is critical
9. Maintain per appropriate review cycle
### When to Use Extra Templates
#### Code of Conduct
Use when:
- Repository accepts external contributions
- Community interactions expected
- Need to establish behavioral expectations
- Creating inclusive environment
#### Security Policy
Use when:
- Repository contains security-sensitive code
- Security vulnerabilities may be discovered
- Need coordinated disclosure process
- Compliance requires security documentation
#### Support Documentation
Use when:
- Users need support information
- Multiple support channels exist
- Support expectations must be clear
- SLA or support tiers defined
#### Governance Documents
Use when:
- Decision-making authority must be clear
- Multiple maintainers or teams involved
- Escalation procedures needed
- Organizational governance required
## Required Fields
When using extra templates, ensure these fields are completed:
- All section headers with appropriate content
- Purpose and scope clearly defined
- Contact information where applicable
- Procedures and processes clearly documented
- Metadata (for governed documents)
- Revision history
## Example Usage
### Adding Code of Conduct
```bash
# Copy template
cp /templates/docs/extra/template-CODE_OF_CONDUCT.md ./CODE_OF_CONDUCT.md
# Edit the file
# - Complete all sections
# - Add contact information for enforcement
# - Customize behavioral expectations
# - Add reporting procedures
# Commit to repository
git add CODE_OF_CONDUCT.md
git commit -m "Add Code of Conduct"
```
### Adding Security Policy
```bash
# Copy template
cp /templates/docs/extra/template-SECURITY.md ./SECURITY.md
# Edit the file
# - Define supported versions
# - Add vulnerability reporting procedures
# - Define disclosure timelines
# - Add security contact information
# Commit to repository
git add SECURITY.md
git commit -m "Add security policy"
```
### Adding Support Documentation
```bash
# Copy template
cp /templates/docs/extra/template-SUPPORT.md ./SUPPORT.md
# Edit the file
# - List support channels
# - Define response expectations
# - Add support tiers if applicable
# - Include escalation procedures
# Commit to repository
git add SUPPORT.md
git commit -m "Add support documentation"
```
## Template List
- **template-CODE_OF_CONDUCT.md** - Community behavior guidelines template
- Additional templates as needed for specific use cases
Note: Extra templates are created on-demand based on organizational needs. Check this directory for available templates or request new templates through governance channels.
## Best Practices
When using extra templates:
- Only use templates that add value to your project
- Keep documentation current and accurate
- Follow Document Formatting Policy
- Create Project tasks for critical documents
- Review and update per appropriate schedule
- Remove unused templates to reduce maintenance burden
## Metadata
- **Document Type:** overview
- **Document Subtype:** catalog
- **Owner Role:** Documentation Owner
- **Approval Required:** No
- **Evidence Required:** Yes
- **Review Cycle:** Annual
- **Retention:** Indefinite
- **Compliance Tags:** Governance
- **Status:** Published
## Revision History
- Initial extra templates catalog established
- Template selection guidance defined
- Usage instructions and best practices documented
templates/docs/extra/index.md
-32
View File
@@ -1,32 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs.Extra
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/extra/index.md
BRIEF: Extra documentation templates directory index
-->
# Docs Index: /templates/docs/extra
## Purpose
This index provides navigation to documentation within this folder.
## Documents
- [README](./README.md)
- [template-CODE_OF_CONDUCT](./template-CODE_OF_CONDUCT.md)
## Metadata
- **Document Type:** index
- **Auto-generated:** This file is automatically generated by rebuild_indexes.py
## Revision History
| Change | Notes | Author |
| --- | --- | --- |
| Automated update | Generated by documentation index automation | rebuild_indexes.py |
templates/docs/extra/template-CODE_OF_CONDUCT.md
-86
View File
@@ -1,86 +0,0 @@
<!-- Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE.md).
# FILE INFORMATION
DEFGROUP:
INGROUP: Project.Documentation
REPO:
PATH: ./CODE_OF_CONDUCT.md
BRIEF: Reference + packaging repo for Moko Consulting Developer GPT Other Default
-->
# Code of Conduct
## 1. Purpose
The purpose of this Code of Conduct is to ensure a safe, inclusive, and respectful environment for all contributors and participants in Moko Consulting projects. This applies to all interactions, whether in repositories, issue trackers, documentation, meetings, or community spaces.
## 2. Our Standards
Participants are expected to uphold behaviors that strengthen our community, including:
Demonstrating empathy and respect toward others.
Being inclusive of diverse viewpoints and backgrounds.
Gracefully accepting constructive feedback.
Prioritizing collaboration over conflict.
Showing professionalism in all interactions.
### Unacceptable behavior includes:
Harassment, discrimination, or derogatory comments.
Threatening or violent language or actions.
Disruptive, aggressive, or intentionally harmful behavior.
Publishing others private information without permission.
Any behavior that violates applicable laws.
## 3. Responsibilities of Maintainers
Maintainers are responsible for:
Clarifying acceptable behavior.
Taking appropriate corrective action when unacceptable behavior occurs.
Removing, editing, or rejecting contributions that violate this Code.
Temporarily or permanently banning contributors who engage in repeated or severe violations.
## 4. Scope
This Code applies to:
All Moko Consulting repositories.
All documentation and collaboration platforms.
Public and private communication related to project activities.
Any representation of Moko Consulting in online or offline spaces.
## 5. Enforcement
Instances of misconduct may be reported to:
**[hello@mokoconsulting.tech](mailto:hello@mokoconsulting.tech)**
All reports will be reviewed and investigated promptly and fairly. Maintainers are obligated to maintain confidentiality where possible.
Consequences may include:
A warning.
Required training or mediation.
Temporary or permanent bans.
Escalation to legal authorities when required.
## 6. Acknowledgements
This Code of Conduct is inspired by widely adopted community guidelines, including the Contributor Covenant and major open-source collaboration standards.
## 7. Related Documents
[Governance Guide](./docs-governance.md)
[Contributor Guide](./docs-contributing.md)
[Documentation Index](./docs-index.md)
This Code of Conduct is a living document and may be updated following the established Change Management process.
templates/docs/extra/template-ROADMAP.md
-142
View File
@@ -1,142 +0,0 @@
<!--
Copyright (C) 2026 [Organization Name] <contact@example.com>
This file is part of [Project Name].
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
-->
# [Project Name] Roadmap
## Scope and Intent
This document defines the roadmap for [Project Name] starting with version **[X.Y.Z]**. It establishes the sequencing, intent, and maturity expectations for deliverables governed by this project.
This roadmap is forward-looking by design. Completed work prior to the current baseline version is considered foundational and is intentionally excluded. This file tracks **current and future-state development only**.
## Version [X.Y.Z] — [Phase Name] ✅ COMPLETED / 🔄 IN PROGRESS / 📋 PLANNED
Focus: [Brief description of this version's primary focus]
### Completed Deliverables
***[Category Name]**
* ✅ [Specific deliverable or feature]
* ✅ [Specific deliverable or feature]
***[Category Name]**
* ✅ [Specific deliverable or feature]
### In Progress
* 🔄 [Item currently being worked on]
* 🔄 [Item currently being worked on]
### Planned Deliverables
* [Future planned item]
* [Future planned item]
### Achieved Outcomes
* ✅ [Measurable outcome or benefit]
* ✅ [Measurable outcome or benefit]
* 🔄 [Partially achieved outcome]
## Version [X.Y+1.Z] — [Next Phase Name]
Focus: [Brief description of next version's primary focus]
### In-Scope Deliverables
* [Deliverable for next version]
* [Deliverable for next version]
### Outcomes
* [Expected outcome or benefit]
* [Expected outcome or benefit]
## Version [X.Y+2.Z] — [Future Phase Name]
Focus: [Brief description of future version's primary focus]
### Planned Deliverables
* [Future deliverable]
* [Future deliverable]
### Outcomes
* [Expected outcome]
* [Expected outcome]
## Version [X.Y+3.Z] and Beyond — [Long-term Vision]
Focus: [Long-term strategic direction]
### Forward-Looking Initiatives
* [Strategic initiative]
* [Strategic initiative]
### Outcomes
* [Long-term goal]
* [Long-term goal]
---
This roadmap is intentionally conservative and additive. New versions extend prior guarantees without breaking existing contracts.
## Guidelines for Version Planning
### Version Numbering
Use semantic versioning for clarity:
- **Major versions** (X.0.0): Breaking changes, major architectural shifts
- **Minor versions** (X.Y.0): New features, significant enhancements
- **Patch versions** (X.Y.Z): Bug fixes, minor improvements
### Planning Horizon
- **Current Version**: Actively being delivered
- **Next 2-3 Versions**: Clearly defined with specific deliverables
- **Future Versions**: High-level themes and strategic direction
### Status Indicators
-**COMPLETED**: Delivered and validated
- 🔄 **IN PROGRESS**: Active development underway
- 📋 **PLANNED**: Scheduled but not yet started
- ⏸️ **PAUSED**: Temporarily on hold
-**CANCELLED**: No longer pursuing
## Metadata
```
Owner: [Owner Name/Role]
Reviewers: [Reviewer Names/Roles]
Status: Active
Last Updated: [YYYY-MM-DD]
Next Review: [YYYY-MM-DD]
```
## Revision History
| Date | Version | Author | Notes |
| ---------- | -------- | -------------- | ------------------------------- |
| YYYY-MM-DD | X.Y.Z | [Author Name] | [Description of changes] |
| YYYY-MM-DD | X.Y.Z | [Author Name] | [Description of changes] |
templates/docs/index.md
-36
View File
@@ -1,36 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/index.md
BRIEF: Documentation templates directory index
-->
# Docs Index: /templates/docs
## Purpose
This index provides navigation to documentation within this folder.
## Subfolders
- [extra/](./extra/index.md)
- [required/](./required/index.md)
## Documents
- [README](./README.md)
## Metadata
- **Document Type:** index
- **Auto-generated:** This file is automatically generated by rebuild_indexes.py
## Revision History
| Change | Notes | Author |
| --- | --- | --- |
| Automated update | Generated by documentation index automation | rebuild_indexes.py |
templates/docs/required/CODEOWNERS
-37
View File
@@ -1,37 +0,0 @@
# CODEOWNERS
## Repository Ownership Matrix
```
# GLOBAL DEFAULT
* @mokoconsulting-tech
# DOCUMENTATION SUITE
/docs/ @mokoconsulting-tech
/docs/templates/ @mokoconsulting-tech
/docs/adr/ @mokoconsulting-tech
/docs/diagrams/ @mokoconsulting-tech
/docs/security/ @mokoconsulting-tech
# ENGINEERING + CODE ASSETS
/htdocs/ @mokoconsulting-tech
/src/ @mokoconsulting-tech
/api/ @mokoconsulting-tech
# CI/CD WORKFLOWS
/.github/workflows/ @mokoconsulting-tech
# ISSUE TEMPLATES
/.github/ISSUE_TEMPLATE/ @mokoconsulting-tech
# GOVERNANCE + OPERATIONAL FILES
/CONTRIBUTING.md @mokoconsulting-tech
/GOVERNANCE.md @mokoconsulting-tech
/CODE_OF_CONDUCT.md @mokoconsulting-tech
# SECURITY
/SECURITY.md @mokoconsulting-tech
# TEMPLATE LIBRARY
/docs/templates/ @mokoconsulting-tech
```
templates/docs/required/GOVERNANCE.md
-119
View File
@@ -1,119 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify it under the terms of
the GNU General Public License as published by the Free Software Foundation; either version 3
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE).
FILE INFORMATION
DEFGROUP: {{org}}.{{repo_name}}
INGROUP: MokoPlatform.Governance
REPO: https://github.com/{{org}}/{{repo_name}}
VERSION: {{standards_version}}
PATH: /GOVERNANCE.md
BRIEF: Project governance rules, roles, and decision process for {{repo_name}}
-->
[![mokocli](https://img.shields.io/badge/moko--platform-{{standards_version}}-blue)](https://git.mokoconsulting.tech/MokoConsulting/mokocli)
# Project Governance
## Overview
This document defines the governance model for the `{{repo_name}}` repository within the
`{{org}}` organization. It is automatically maintained by
[mokocli](https://git.mokoconsulting.tech/MokoConsulting/mokocli) v{{standards_version}}.
Full governance policy is defined in the mokocli source repository:
[docs/policy/GOVERNANCE.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/GOVERNANCE.md)
---
## Roles and Responsibilities
### Maintainer
**GitHub**: @mokoconsulting-tech
**Authority**: Final decision-making authority on all matters for this repository.
**Responsibilities**:
- Review and merge pull requests
- Maintain code quality and standards compliance
- Manage releases and versioning
- Respond to issues and security reports
### Contributors
**Authority**: Submit changes via pull requests.
**Requirements**:
- Read and accept `CODE_OF_CONDUCT.md`
- Follow `CONTRIBUTING.md` guidelines
---
## Decision-Making
All changes must be submitted as pull requests. The maintainer (@mokoconsulting-tech)
reviews and approves all changes before they are merged.
### Sole Operator Policy
This organization operates under a **sole operator** model. The maintainer (@mokoconsulting-tech)
is the sole employee and owner and may self-approve pull requests when no second reviewer is
available. The following requirements remain mandatory regardless:
1. **Pull Requests Required** — all changes to protected branches go through a PR.
2. **Automated Checks** — all CI checks must pass before merging.
3. **Audit Trail** — issues, pull requests, and commit history are preserved.
4. **Documentation** — changes are documented in `CHANGELOG.md`.
See the full policy:
[Sole Operator Policy](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/GOVERNANCE.md#sole-operator-policy)
---
## Change Management
| Change Type | Approval | Process |
|-------------|----------|---------|
| Routine (docs, bug fixes) | Maintainer | PR → CI pass → merge |
| Significant (new features) | Maintainer | PR with description → CI pass → merge |
| Major (breaking, architecture) | Maintainer | Issue discussion → PR → CI pass → merge |
| Emergency (security) | Maintainer | Labelled `EMERGENCY` → immediate merge → post-mortem |
---
## Reporting Issues
- **Bugs / Features**: Open a [GitHub Issue](https://github.com/{{org}}/{{repo_name}}/issues)
- **Security vulnerabilities**: See [SECURITY.md](./SECURITY.md)
- **Code of Conduct**: See [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md)
- **Contact**: dev@mokoconsulting.tech
---
## Metadata
| Field | Value |
| ------------- | ----------------------------------------------- |
| Document Type | Policy |
| Domain | Governance |
| Applies To | {{org}}/{{repo_name}} |
| Jurisdiction | Tennessee, USA |
| Maintainer | @mokoconsulting-tech |
| Standards | mokocli v{{standards_version}} |
| Repo | https://github.com/{{org}}/{{repo_name}} |
| Path | /GOVERNANCE.md |
| Status | Active — auto-maintained by mokocli |
templates/docs/required/README.md
-176
View File
@@ -1,176 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs.Required
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/required/README.md
BRIEF: Required documentation templates README
-->
# Required Documentation Templates
## Purpose
This directory contains mandatory documentation templates that MUST be present in all repositories governed by mokocli documentation policies. These templates ensure baseline documentation compliance and organizational consistency.
## Intended Use
Use these templates when:
- Creating a new repository
- Establishing baseline repository documentation
- Ensuring compliance with documentation governance
- Meeting mandatory documentation requirements
## Instructions
### Mandatory Templates
All repositories MUST include these documentation files:
1. **README.md** - Repository overview and entry point
2. **CHANGELOG.md** - Change tracking and release history
3. **CONTRIBUTING.md** - Contribution guidelines and workflow
4. **LICENSE** - License terms and copyright (see templates/licenses/ for authoritative versions)
5. **SECURITY.md** - Security vulnerability reporting and handling policy
### Template Usage
For each required template:
1. Copy the template file from this directory
2. Rename removing the `template-` prefix
3. Place in repository root directory
4. Complete all required sections
5. Replace all placeholder values
6. Customize for your repository context
7. Validate compliance with Document Formatting Policy
8. Create Project task for the document
### Compliance Requirements
Required documentation MUST:
- Exist at repository root level
- Follow template structure
- Include all mandatory sections
- Contain accurate, current information
- Be maintained per review cycle
- Have corresponding Project task entries
### Non-Compliance Consequences
Repositories without required documentation:
- Are considered non-compliant
- May not satisfy audit requirements
- Cannot be used for production purposes
- Must remediate before deployment approval
## Required Fields
All required templates must have these completed:
### README.md
- Repository name and purpose
- Installation and usage instructions
- License information
- Contribution guidelines reference
- Contact information
### CHANGELOG.md
- Structured change history
- Release information
- Breaking changes documentation
- Migration guidance where applicable
### CONTRIBUTING.md
- Contribution workflow
- Code of conduct reference
- Development guidelines
- Pull request requirements
- Testing requirements
### LICENSE.md
- License text
- Copyright information
- License terms
- Redistribution terms
### SECURITY.md
- Supported versions
- Vulnerability reporting process
- Security best practices
- Response timeline and severity classification
## Example Usage
### New Repository Setup
```bash
# Create repository directory
mkdir my-new-repo
cd my-new-repo
# Initialize git
git init
# Copy required templates
cp /templates/docs/required/template-README.md ./README.md
cp /templates/docs/required/template-CHANGELOG.md ./CHANGELOG.md
cp /templates/docs/required/template-CONTRIBUTING.md ./CONTRIBUTING.md
cp /templates/licenses/GPL-3.0 ./LICENSE
cp /templates/docs/required/template-SECURITY.md ./SECURITY.md
# Edit each file to complete required fields
# Validate compliance
# Commit to repository
git add README.md CHANGELOG.md CONTRIBUTING.md LICENSE SECURITY.md
git commit -m "Add required documentation"
```
### Existing Repository Compliance
```bash
# Check for missing required files
ls -1 README.md CHANGELOG.md CONTRIBUTING.md LICENSE.md SECURITY.md
# Copy missing templates
# Complete required fields
# Commit to repository
```
## Template List
- **template-README.md** - Repository overview template
- **template-CHANGELOG.md** - Change log template
- **template-CONTRIBUTING.md** - Contribution guidelines template
- **template-SECURITY.md** - Security policy template
- **template-CODE_OF_CONDUCT.md** - Community code of conduct template
**Note**: LICENSE templates are in `/templates/licenses/` directory (see [templates/licenses/README.md](../../licenses/README.md))
## Metadata
- **Document Type:** overview
- **Document Subtype:** catalog
- **Owner Role:** Documentation Owner
- **Approval Required:** No
- **Evidence Required:** Yes
- **Review Cycle:** Annual
- **Retention:** Indefinite
- **Compliance Tags:** Governance, Compliance
- **Status:** Published
## Revision History
- Initial required templates catalog established
- Mandatory template requirements defined
- Compliance and usage instructions documented
templates/docs/required/index.md
-36
View File
@@ -1,36 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Docs.Required
REPO: https://git.mokoconsulting.tech/MokoConsulting/mokocli
PATH: /templates/docs/required/index.md
BRIEF: Required documentation templates directory index
-->
# Docs Index: /templates/docs/required
## Purpose
This index provides navigation to documentation within this folder.
## Documents
- [README](./README.md)
- [template-CHANGELOG](./template-CHANGELOG.md)
- [template-CONTRIBUTING](./template-CONTRIBUTING.md)
- [template-LICENSE](./template-LICENSE.md)
- [template-README](./template-README.md)
- [template-SECURITY](./template-SECURITY.md)
## Metadata
- **Document Type:** index
- **Auto-generated:** This file is automatically generated by rebuild_indexes.py
## Revision History
| Change | Notes | Author |
| --- | --- | --- |
| Automated update | Generated by documentation index automation | rebuild_indexes.py |
templates/docs/required/template-CHANGELOG.md
-27
View File
@@ -1,27 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-LICENSE-IDENTIFIER: GPL-3.0-or-later
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE.md).
# FILE INFORMATION
DEFGROUP:
INGROUP: Documentation
REPO:
PATH: ./CHANGELOG.md
BRIEF: Version history using Keep a Changelog
-->
# Changelog
## [Unreleased]
### Added
- Initial defaults and docs
## [1.0] - YYYY-MM-DD
### Added
- First published draft
templates/docs/required/template-CONTRIBUTING.md
-128
View File
@@ -1,128 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE).
# FILE INFORMATION
DEFGROUP: {{DEFGROUP}}
INGROUP: Project.Documentation
REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/{{REPO_NAME}}
VERSION: {{standards_version}}
PATH: ./CONTRIBUTING.md
BRIEF: How to contribute; branch strategy, commit conventions, PR workflow, and release pipeline
-->
# Contributing
Thank you for your interest in contributing to **{{REPO_NAME}}**!
This repository is governed by **[mokocli](https://git.mokoconsulting.tech/MokoConsulting/mokocli)** — the authoritative source of coding standards, workflows, and policies for all Moko Consulting repositories.
## Branch Strategy
| Branch | Purpose | Deploys To |
|--------|---------|------------|
| `main` | Bleeding edge — all development merges here | CI only |
| `dev/XX.YY.ZZ` | Feature development | Dev server (version: "development") |
| `version/XX` | Stable frozen snapshot | Demo + RS servers |
### Development Workflow
```
1. Create branch: git checkout -b dev/XX.YY.ZZ/my-feature
2. Develop + test (dev server auto-deploys on push)
3. Open PR → main (squash merge only)
4. Auto-release (version branch + tag + GitHub Release created automatically)
```
### Branch Naming
| Prefix | Use |
|--------|-----|
| `dev/XX.YY.ZZ` | Feature development (e.g., `dev/02.00.00/add-extrafields`) |
| `version/XX` | Stable release (auto-created, never manually pushed) |
| `chore/` | Automated sync branches (managed by mokocli) |
> **Never use** `feature/`, `hotfix/`, or `release/` prefixes — they are not part of the mokocli branch strategy.
## Commit Conventions
Use [conventional commits](https://www.conventionalcommits.org/):
```
feat(scope): add new extrafield for invoice tracking
fix(sql): correct column type in llx_mytable
docs(readme): update installation instructions
chore(deps): bump enterprise library to 04.02.30
```
**Valid types:** `feat` | `fix` | `docs` | `chore` | `ci` | `refactor` | `style` | `test` | `perf` | `revert` | `build`
## Pull Request Workflow
1. **Branch** from `main` using `dev/XX.YY.ZZ/description` format
2. **Bump** the patch version in `README.md` before opening the PR
3. **Title** must be a valid conventional commit subject line
4. **Target** `main` — squash merge only (merge commits are disabled)
5. **CI checks** must pass before merge
### What Happens on Merge
When your PR is merged to `main`, these workflows run automatically:
1. **sync-version-on-merge** — auto-bumps patch version, propagates to all file headers
2. **auto-release** — creates `version/XX` branch, git tag, and GitHub Release
3. **deploy-demo / deploy-rs** — deploys to demo and RS servers (if `src/**` changed)
## Coding Standards
All contributions must follow [mokocli](https://git.mokoconsulting.tech/MokoConsulting/mokocli):
| Standard | Reference |
|----------|-----------|
| Coding Style | [coding-style-guide.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/coding-style-guide.md) |
| File Headers | [file-header-standards.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/file-header-standards.md) |
| Branching | [branch-release-strategy.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/branch-release-strategy.md) |
| Merge Strategy | [merge-strategy.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/merge-strategy.md) |
| Scripting | [scripting-standards.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/policy/scripting-standards.md) |
| Build & Release | [build-release.md](https://git.mokoconsulting.tech/MokoConsulting/mokocli/blob/main/docs/workflows/build-release.md) |
## PR Checklist
- [ ] Branch named `dev/XX.YY.ZZ/description`
- [ ] Patch version bumped in `README.md`
- [ ] Conventional commit format for PR title
- [ ] All new files have FILE INFORMATION headers
- [ ] `declare(strict_types=1)` in all PHP files
- [ ] PHPDoc on all public methods
- [ ] Tests pass
- [ ] CHANGELOG.md updated
- [ ] No secrets, tokens, or credentials committed
## Custom Workflows
Place repo-specific workflows in `.mokogitea/workflows/custom/` — they are **never overwritten or deleted** by mokocli sync:
```
.mokogitea/workflows/
├── deploy-dev.yml ← Synced from mokocli
├── auto-release.yml ← Synced from mokocli
└── custom/ ← Your custom workflows (safe)
└── my-custom-ci.yml
```
## License
By contributing, you agree that your contributions will be licensed under the [GPL-3.0-or-later](LICENSE) license.
---
*This file is synced from [mokocli](https://git.mokoconsulting.tech/MokoConsulting/mokocli). Do not edit directly — changes will be overwritten on the next sync.*
templates/docs/required/template-INSTALLATION.md
-440
View File
@@ -1,440 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
# FILE INFORMATION
PATH: /docs/INSTALLATION.md
BRIEF: Installation and setup instructions for [PROJECT_NAME]
-->
# Installation
## Overview
This document provides comprehensive installation and setup instructions for **[PROJECT_NAME]**.
## Table of Contents
- [Prerequisites](#prerequisites)
- [Installation Methods](#installation-methods)
- [Quick Start](#quick-start)
- [Detailed Installation](#detailed-installation)
- [Configuration](#configuration)
- [Verification](#verification)
- [Troubleshooting](#troubleshooting)
- [Next Steps](#next-steps)
## Prerequisites
### System Requirements
- **Operating System**: [Specify supported OS versions]
- **Runtime**: [e.g., PHP 8.1+, Node.js 20+, Python 3.9+]
- **Memory**: [Minimum RAM required]
- **Disk Space**: [Minimum disk space required]
### Software Dependencies
**Required:**
- [List required dependencies with versions]
- Example: Git 2.30+
- Example: Composer 2.0+
**Optional:**
- [List optional dependencies]
### Access Requirements
- [Any required access permissions, credentials, or accounts]
- Example: GitHub account for cloning private repositories
- Example: Database access credentials
## Installation Methods
### Method 1: Using Package Manager (Recommended)
**For [Platform/Package Manager]:**
```bash
# Installation command
[package-manager] install [package-name]
# Verify installation
[package-name] --version
```
### Method 2: From Source
**Clone the repository:**
```bash
# Clone from GitHub
git clone https://github.com/[organization]/[repository].git
cd [repository]
# Checkout stable version (recommended)
git checkout tags/v[VERSION]
```
### Method 3: Using Pre-built Binary/Package
**Download and install:**
```bash
# Download release
wget https://github.com/[organization]/[repository]/releases/download/v[VERSION]/[package-name]
# Make executable (if applicable)
chmod +x [package-name]
# Move to system path (optional)
sudo mv [package-name] /usr/local/bin/
```
## Quick Start
For users who want to get started quickly:
```bash
# 1. Install
[installation-command]
# 2. Configure
[configuration-command]
# 3. Run
[run-command]
# 4. Verify
[verification-command]
```
## Detailed Installation
### Step 1: Prepare Environment
**1.1 Install System Dependencies**
For Ubuntu/Debian:
```bash
sudo apt update
sudo apt install [dependencies]
```
For macOS:
```bash
brew install [dependencies]
```
For Windows:
```powershell
# PowerShell commands or link to Windows-specific guide
```
**1.2 Set Up Environment Variables**
```bash
# Add to ~/.bashrc or ~/.zshrc
export [VAR_NAME]=[value]
# Reload shell configuration
source ~/.bashrc
```
### Step 2: Install Application
**2.1 Install via [Method]**
```bash
[Detailed installation commands with explanations]
```
**2.2 Install Dependencies**
```bash
# For PHP projects
composer install --no-dev
# For Node.js projects
npm install --production
# For Python projects
pip install -r requirements.txt
```
### Step 3: Initial Configuration
**3.1 Create Configuration File**
```bash
# Copy example configuration
cp config/config.example.php config/config.php
# Or use configuration wizard
php bin/configure.php
```
**3.2 Configure Database (if applicable)**
```bash
# Create database
mysql -u root -p -e "CREATE DATABASE [db_name];"
# Import schema
mysql -u root -p [db_name] < database/schema.sql
# Update configuration
nano config/database.php
```
**3.3 Set Permissions**
```bash
# Set appropriate ownership
sudo chown -R www-data:www-data /var/www/[project]
# Set directory permissions (755)
find /var/www/[project] -type d -exec chmod 755 {} \;
# Set file permissions (644 for most files)
find /var/www/[project] -type f -exec chmod 644 {} \;
# Make executable files executable (if needed)
chmod +x /var/www/[project]/bin/*
# Restrict sensitive directories (storage, cache, logs)
chmod 750 /var/www/[project]/storage
chmod 750 /var/www/[project]/cache
```
### Step 4: Initialize Application
**4.1 Run Setup Script**
```bash
# Run initialization
php bin/setup.php
# Or for other platforms
./scripts/setup.sh
```
**4.2 Create Admin User (if applicable)**
```bash
# Create first admin user
php bin/create-admin.php --email=admin@example.com --name="Admin User"
```
## Configuration
### Configuration Files
| File | Purpose | Required |
|------|---------|----------|
| `config/config.php` | Main configuration | Yes |
| `config/database.php` | Database settings | Yes |
| `config/cache.php` | Cache configuration | No |
| `.env` | Environment variables | Yes |
### Essential Configuration Options
**config/config.php:**
```php
return [
'app_name' => '[APPLICATION_NAME]',
'app_url' => 'https://example.com',
'debug' => false, // Set to true for development
'timezone' => 'UTC',
];
```
**Database Configuration:**
```php
return [
'host' => 'localhost',
'port' => 3306,
'database' => '[db_name]',
'username' => '[db_user]',
'password' => '[db_password]',
];
```
### Environment Variables
Create `.env` file:
```bash
APP_ENV=production
APP_DEBUG=false
APP_URL=https://example.com
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=[db_name]
DB_USERNAME=[db_user]
DB_PASSWORD=[db_password]
```
## Verification
### Verify Installation
**Check version:**
```bash
[command] --version
# Expected output: v[VERSION]
```
**Run health check:**
```bash
[command] health-check
# or
php bin/health-check.php
```
**Test basic functionality:**
```bash
# Run test command
[command] test
# Access web interface
curl http://localhost:[port]/health
```
### Expected Output
```
✓ Application installed successfully
✓ Database connection established
✓ All dependencies available
✓ Configuration valid
✓ System ready for use
```
## Troubleshooting
### Common Issues
#### Issue: Installation fails with dependency error
**Symptom:**
```
Error: Package [package-name] not found
```
**Solution:**
```bash
# Update package manager
[package-manager] update
# Retry installation
[package-manager] install [package-name]
```
#### Issue: Database connection fails
**Symptom:**
```
Error: SQLSTATE[HY000] [2002] Connection refused
```
**Solution:**
1. Verify database service is running:
```bash
sudo systemctl status mysql
```
2. Check database credentials in configuration
3. Verify database host and port are correct
#### Issue: Permission denied errors
**Symptom:**
```
Error: Permission denied: /var/www/[project]/storage
```
**Solution:**
```bash
# Fix ownership
sudo chown -R www-data:www-data /var/www/[project]
# Fix permissions
sudo chmod -R 755 /var/www/[project]/storage
```
### Getting Help
If you encounter issues not covered here:
1. **Check Logs:**
```bash
tail -f logs/application.log
tail -f /var/log/apache2/error.log
```
2. **Enable Debug Mode:**
```bash
# In config/config.php
'debug' => true
```
3. **Consult Documentation:**
- [Troubleshooting Guide](guide/troubleshooting.md)
- [FAQ](guide/faq.md)
4. **Community Support:**
- GitHub Issues: [link]
- Discussion Forum: [link]
- Email: support@example.com
## Next Steps
After successful installation:
1. **Review Configuration:**
- [Configuration Guide](guide/configuration.md)
- [Security Hardening](guide/security.md)
2. **Read Getting Started:**
- [Quick Start Guide](guide/quickstart.md)
- [User Guide](guide/user-guide.md)
3. **For Developers:**
- [Development Setup](development/setup.md)
- [Contributing Guidelines](../CONTRIBUTING.md)
4. **For Operators:**
- [Deployment Guide](deployment/procedures.md)
- [Monitoring Setup](operations/monitoring.md)
## Additional Resources
- [Project Documentation](README.md)
- [API Reference](reference/api/)
- [Change Log](../CHANGELOG.md)
- [Security Policy](../SECURITY.md)
---
## Support
For installation support:
- **Documentation**: Review all guides in [docs/guide/](guide/)
- **Issues**: Report problems at [GitHub Issues](https://github.com/[organization]/[repository]/issues)
- **Email**: support@mokoconsulting.tech
---
*Last Updated: [DATE]*
*Version: [VERSION]*
templates/docs/required/template-LICENSE.md
-694
View File
@@ -1,694 +0,0 @@
<!-- Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE.md).
# FILE INFORMATION
DEFGROUP:
INGROUP: Project.Documentation
REPO:
PATH: ./LICENSE.md
BRIEF: Project license (GPL-3.0-or-later)
-->
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.
templates/docs/required/template-README.md
-53
View File
@@ -1,53 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the IMPLIED WARRANTY of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License (./LICENSE).
# FILE INFORMATION
DEFGROUP: {{DEFGROUP}}
INGROUP: {{INGROUP}}
REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/{{REPO_NAME}}
PATH: /README.md
BRIEF: {{REPO_DESCRIPTION}}
-->
# {{REPO_NAME}}
[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
[![mokocli](https://img.shields.io/badge/moko--platform-{{standards_version}}-orange)](https://git.mokoconsulting.tech/MokoConsulting/mokocli)
> {{REPO_DESCRIPTION}}
## Overview
<!-- Describe what this project does -->
## Installation
<!-- Installation instructions -->
## Usage
<!-- Usage examples -->
## Contributing
See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines. This repository follows [mokocli](https://git.mokoconsulting.tech/MokoConsulting/mokocli).
## License
This project is licensed under the GNU General Public License v3.0 or later — see the [LICENSE](LICENSE) file for details.
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
templates/docs/required/template-SECURITY.md
-239
View File
@@ -1,239 +0,0 @@
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
# FILE INFORMATION
DEFGROUP: [PROJECT_NAME]
INGROUP: [PROJECT_NAME].Documentation
REPO: [REPOSITORY_URL]
PATH: /SECURITY.md
BRIEF: Security vulnerability reporting and handling policy
-->
# Security Policy
## Purpose and Scope
This document defines the security vulnerability reporting, response, and disclosure policy for [PROJECT_NAME] and all repositories governed by these standards. It establishes the authoritative process for responsible disclosure, assessment, remediation, and communication of security issues.
## Supported Versions
Security updates are provided for the following versions:
| Version | Supported |
| ------- | ------------------ |
| [X.x.x] | :white_check_mark: |
| < [X.0] | :x: |
Only the current major version receives security updates. Users should upgrade to the latest supported version to receive security patches.
## Reporting a Vulnerability
### Where to Report
**DO NOT** create public GitHub issues for security vulnerabilities.
Report security vulnerabilities privately to:
**Email**: `security@[DOMAIN]`
**Subject Line**: `[SECURITY] Brief Description`
### What to Include
A complete vulnerability report should include:
1. **Description**: Clear explanation of the vulnerability
2. **Impact**: Potential security impact and severity assessment
3. **Affected Versions**: Which versions are vulnerable
4. **Reproduction Steps**: Detailed steps to reproduce the issue
5. **Proof of Concept**: Code, configuration, or demonstration (if applicable)
6. **Suggested Fix**: Proposed remediation (if known)
7. **Disclosure Timeline**: Your expectations for public disclosure
### Response Timeline
* **Initial Response**: Within 3 business days
* **Assessment Complete**: Within 7 business days
* **Fix Timeline**: Depends on severity (see below)
* **Disclosure**: Coordinated with reporter
## Severity Classification
Vulnerabilities are classified using the following severity levels:
### Critical
* Remote code execution
* Authentication bypass
* Data breach or exposure of sensitive information
* **Fix Timeline**: 7 days
### High
* Privilege escalation
* SQL injection or command injection
* Cross-site scripting (XSS) with significant impact
* **Fix Timeline**: 14 days
### Medium
* Information disclosure (limited scope)
* Denial of service
* Security misconfigurations with moderate impact
* **Fix Timeline**: 30 days
### Low
* Security best practice violations
* Minor information leaks
* Issues requiring user interaction or complex preconditions
* **Fix Timeline**: 60 days or next release
## Remediation Process
1. **Acknowledgment**: Security team confirms receipt and begins investigation
2. **Assessment**: Vulnerability is validated, severity assigned, and impact analyzed
3. **Development**: Security patch is developed and tested
4. **Review**: Patch undergoes security review and validation
5. **Release**: Fixed version is released with security advisory
6. **Disclosure**: Public disclosure follows coordinated timeline
## Security Advisories
Security advisories are published via:
* GitHub Security Advisories
* Release notes and CHANGELOG.md
* Security mailing list (when established)
Advisories include:
* CVE identifier (if applicable)
* Severity rating
* Affected versions
* Fixed versions
* Mitigation steps
* Attribution (with reporter consent)
## Security Best Practices
For repositories adopting mokocli:
### Required Controls
* Enable GitHub security features (Dependabot, code scanning)
* Implement branch protection on `main`
* Require code review for all changes
* Enforce signed commits (recommended)
* Use secrets management (never commit credentials)
* Maintain security documentation
* Follow secure coding standards defined in `/docs/policy/`
### CI/CD Security
* Validate all inputs
* Sanitize outputs
* Use least privilege access
* Pin dependencies with hash verification
* Scan for vulnerabilities in dependencies
* Audit third-party actions and tools
#### Automated Security Scanning
All repositories MUST implement:
**CodeQL Analysis**:
* Enabled for all supported languages (Python, JavaScript, TypeScript, Java, C/C++, C#, Go, Ruby)
* Runs on: push to main, pull requests, weekly schedule
* Query sets: `security-extended` and `security-and-quality`
* Configuration: `.github/workflows/codeql-analysis.yml`
**Dependabot Security Updates**:
* Weekly scans for vulnerable dependencies
* Automated pull requests for security patches
* Configuration: `.github/dependabot.yml`
**Secret Scanning**:
* Enabled by default with push protection
* Prevents accidental credential commits
* Partner patterns enabled
**Dependency Review**:
* Required for all pull requests
* Blocks introduction of known vulnerable dependencies
* Automatic license compliance checking
See [Security Scanning Policy](docs/policy/security-scanning.md) for detailed requirements.
### Dependency Management
* Keep dependencies up to date
* Monitor security advisories for dependencies
* Remove unused dependencies
* Audit new dependencies before adoption
* Document security-critical dependencies
## Compliance and Governance
This security policy is binding for all repositories governed by mokocli. Deviations require documented justification and approval from the Security Owner.
Security policies are reviewed and updated at least annually or following significant security incidents.
## Attribution and Recognition
We acknowledge and appreciate responsible disclosure. With your permission, we will:
* Credit you in security advisories
* List you in CHANGELOG.md for the fix release
* Recognize your contribution publicly (if desired)
## Contact and Escalation
* **Security Team**: security@[DOMAIN]
* **Primary Contact**: [CONTACT_EMAIL]
* **Escalation**: For urgent matters requiring immediate attention, contact the maintainer directly via GitHub
## Out of Scope
The following are explicitly out of scope:
* Issues in third-party dependencies (report directly to maintainers)
* Social engineering attacks
* Physical security issues
* Denial of service via resource exhaustion without amplification
* Issues requiring physical access to systems
* Theoretical vulnerabilities without proof of exploitability
---
## Metadata
| Field | Value |
| ------------ | ----------------------------------------------- |
| Document | Security Policy |
| Path | /SECURITY.md |
| Repository | [REPOSITORY_URL] |
| Owner | [OWNER_NAME] |
| Scope | Security vulnerability handling |
| Applies To | All repositories governed by mokocli |
| Status | Active |
| Effective | [YYYY-MM-DD] |
## Revision History
| Date | Change Description | Author |
| ---------- | ------------------------------------------------- | --------------- |
| [YYYY-MM-DD] | Initial creation | [AUTHOR_NAME] |
templates/docs/required/template-TODO.md
-10
View File
@@ -1,10 +0,0 @@
# TODO
## Critical
-
## Normal
-
## Low
-
templates/fonts/Google/Open Sans-300.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-300italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-500.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-500italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-600.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-600italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-700.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-700italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-800.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-800italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-Italic.ttf
BIN
View File
Binary file not shown.
templates/fonts/Google/Open Sans-Regular.ttf
BIN
View File
Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More