2026-06-06 - 2026-07-06
Overview
3 Releases published by 1 user
Published
release-candidate
MokoGitea-Fork (VERSION: 00.00.01-rc)
Published
development
MokoGitea-Fork (VERSION: 00.00.01-dev)
Published
stable
MokoGitea (VERSION: 06.21.00)
108 Pull requests merged by 1 user
Merged
#758 fix(ci): robust prod deploy — remove dev-health gate, kill tier-clobbering sed, rm -f before recreate
Merged
#757 chore(sync): cascade main -> dev
Merged
#733 Release: org-wide governance series (#727) — dev → main
Merged
#756 fix(ci): make Tests an independent job (work around Gitea needs-chain scheduler stall)
Merged
#755 fix(tests): repair tests/integration compile errors (upstream API/import drift)
Merged
#754 chore(manifest): remove deprecated .mokogitea/manifest.xml parser; mokoplatform→mokocli
Merged
#751 feat(ci): deploy-rc.yml — auto-deploy rc branch to the new RC environment
Merged
#750 feat: org branch protection per-user (username/email) allowlists + actions-bot toggle (#727)
Merged
#748 chore(sync): cascade main -> dev
Merged
#743 fix(locale): duplicate en-US key crashes boot under jsonv2 (#696/#728)
Merged
#742 fix(security): code scanner RE2 lookahead panics server at startup (#552)
Merged
#741 fix: org-governance release review findings + dev deploy targeting (#727, #733)
Merged
#739 docs(api): OpenAPI spec + README/CHANGELOG for org-governance (#727, #738)
Merged
#740 fix(ci): recreate dev container to avoid name conflict on deploy
Merged
#737 fix(ci): pass TAG/REGISTRY_TOKEN into remote shell in dev deploy
Merged
#736 fix: repair unit-test compile + vet failures (partial integration cleanup)
Merged
#735 fix: repair build (renamed org-visibility helper) + gofmt
Merged
#734 chore: remove stray package-lock.json accidentally committed to dev
Merged
#732 feat(org): org-level email domain policy for members (#727)
Merged
#731 feat(org): org-level repository defaults applied on repo create/transfer (#727)
Merged
#730 feat(org): org-level push policy enforced in the pre-receive hook (#727)
Merged
#729 feat(org): org-level tag protection, layered with per-repo protected tags (#727)
Merged
#728 fix(org): layer org-level branch protection with repo rules — most-restrictive wins (#727)
Merged
#726 fix: render org teams list and make issue type editable (#720, #721)
Merged
#724 fix: support radio inputs in admin system config form
Merged
#718 fix: remove orphaned deploy-manual workflow
Merged
#717 release: code security scanner (#552)
Merged
#716 feat: code security scanner with OWASP pattern detection (#552)
Merged
#715 fix: pr-check platform detection queries metadata API
Merged
#714 release: cascade merge, status presets, default teams, secret scanning
Merged
#710 feat: cascade merge — auto-create PRs to downstream branches after merge (#460)
Merged
#709 feat: issue status presets and cross-org migration (#507)
Merged
#713 feat: security scanning API + pre-receive hook blocking (#692)
Merged
#708 feat(orgs): auto-create default teams on org creation (#513)
Merged
#712 fix: cherry-pick upstream security fixes from v1.26.3 and v1.26.4
Merged
#707 release: branch protection delete allowlist (#696)
Merged
#706 feat: add delete allowlist for branch protection rules (#696)
Merged
#705 merge: sync main into dev
Merged
#704 fix: cherry-pick upstream v1.26.2 security and actions fixes
Merged
#703 release: token scope editing, ci-reporter refactor, workflow standardization
Merged
#701 refactor: centralize ci-issue-reporter into MokoCLI + reusable workflow
Merged
#700 feat: edit API token scopes + standardize workflow tokens
Merged
#699 feat: add ability to edit API token scopes
Merged
#698 feat: add licensing API token scope
Merged
#695 fix: correct dev health URL to git.dev.mokoconsulting.tech
Merged
#694 feat: wiki search, metadata deploy fields, workflow cleanup
Merged
#689 Release: Wiki redirects, code review fixes, bug fixes
Merged
#682 Release: Wiki system, licensing, issue statuses, metadata API
Merged
#662 fix: resolve all compile errors in licensing endpoints
Merged
#661 fix: use ctx.APIError in licensing endpoints (build fix)
Merged
#660 feat: licensing API phase 2 — validation, signed downloads, management, tier admin
Merged
#659 feat: DLID licensing system — tables, models, update endpoint
Merged
#657 feat: support .mokogitea, .profile, and .github as org/user profile repo names
Merged
#656 fix: MySQL 8.0 compat for migration v358 DROP COLUMN
Merged
#654 fix: remove missed DisplayName reference in manifest_sync.go
Merged
#653 feat: remove display_name, compute from extension_type + name (#650)
Merged
#648 Release: PackageType → ExtensionType rename + deploy fixes
Merged
#647 refactor: rename PackageType → ExtensionType (#646)
Merged
#645 fix: rename custom fields handlers, clean metadata API, remove Version field
Merged
#644 fix: lowercase Joomla element names, rename Manifest → Metadata (#635)
Merged
#642 merge: dev into main - remove version from manifest
Merged
#641 fix: remove version from manifest first-class fields
Merged
#640 merge: dev into main — CI workflow triggers + version bump
Merged
#639 merge: dev into main
Merged
#638 fix: Joomla update server — element names, platform gating, domain race
Merged
#634 fix: correct <client> tag per extension type in Joomla update feed (#611)
Merged
#614 chore: update changelog with 06.15.00 features
Merged
#613 feat(issues): make status_id, priority_id, type_id required on create (#598)
Merged
#612 feat(custom-fields): add required flag UI and API validation (#597)
Merged
#609 fix: deploy workflow clones wrong repo and runs swapoff
Merged
#608 fix: wiki API sub-page support and content response (#606, #607)
Merged
#605 fix: update server feed generation bugs (#601)
Merged
#600 fix(ui): open raw file links in new tab (#581)
Merged
#599 fix: return 404 for update feeds when update server is disabled (#589)
Merged
#590 feat: issue metadata API + org wiki tab
Merged
#591 feat: issue metadata API — first-class status, priority, type fields
Merged
#588 release: remove duplicate MCP, update submodule with manifest tools
Merged
#587 chore: remove duplicate .mokogitea/mcp, update mcp submodule with manifest tools
Merged
#586 release: template duplicate fix
Merged
#585 fix(manifest): remove duplicate element name block in template
Merged
#584 release: manifest distribution fields + update server fix
Merged
#583 feat(manifest): distribution metadata fields (phase 1 consolidation)
Merged
#579 release: fix update server disable bug
Merged
#577 fix: allow disabling update server once enabled
Merged
#576 release: template fix for manifest settings
Merged
#575 fix(manifest): fix template end mismatch in Joomla settings block
Merged
#574 release: manifest sync + element name + workflow rename
Merged
#573 fix(manifest): sync new fields + rename moko-platform everywhere
Merged
#572 feat(manifest): element name, version prefix, platform/language dropdowns
Merged
#571 release: manifest version prefix + platform/language dropdowns
Merged
#570 feat(manifest): version prefix + platform dropdown fix
Merged
#569 release: v1.26.1-moko.06.12 - rename + changelog + Joomla fix
Merged
#566 release: dependency scanner + CDN release delivery
Merged
#567 fix(licensing): hide require-key option for Joomla update servers
Merged
#565 feat(cdn): built-in CDN for release asset delivery
Merged
#562 feat(security): dependency vulnerability scanner
Merged
#560 chore: final version update
Merged
#559 fix(settings): remove duplicate description from manifest
Merged
#558 chore: wiki version update
Merged
#557 feat: Issue Types settings + MCP SSE + npm auto-publish
Merged
#556 fix(auth): login form with OAuth on all error pages
Merged
#547 fix(auth): show OAuth providers on 403 login form
Merged
#546 chore: changelog + MCP type/security tools
Merged
#544 chore: update wiki
Merged
#543 feat(issues): first-class Type field + list badges
Merged
#542 fix(ui): dashboard issue count badges
Merged
#541 feat(security): add Security tab to repo navigation
Merged
#540 feat(security): built-in security scanning platform (#508)
104 Issues closed from 2 users
Closed
#752 chore(deploy): rebuild + redeploy for moko-platform→mokocli manifest-schema rename (runner/mount preservation)
Closed
#749 Release notes from a curated release_notes.md (with CHANGELOG fallback + cycle reset)
Closed
#727 Org-level branch protection is stored but never enforced (no enforcement/materialization)
Closed
#720 [BUG] Teams page not showing teams in organization
Closed
#552 feat(security): code security analysis scanner module
Closed
#309 tech-debt: Add authorization header support to webhook integrations
Closed
#334 tech-debt: Miscellaneous frontend TODOs (stopwatch flicker, SVG access, mermaid dark mode)
Closed
#329 tech-debt: Migration framework does not handle foreign keys
Closed
#327 tech-debt: Fix WebAuthn credential type handling
Closed
#325 tech-debt: Actions/CI runner communication improvements
Closed
#321 tech-debt: Fix ACME/TLS setup path issues and install flow
Closed
#317 tech-debt: Fix abused repo status fields (broken, is_empty)
Closed
#312 tech-debt: Fix git command stderr handling design
Closed
#310 tech-debt: Fix incorrect Vite manifest CSS parser in backend
Closed
#483 feat: org-level custom fields for repos and issues — replace manifest.xml and per-repo field setup
Closed
#692 feat(security): built-in secret scanning (replace gitleaks CI workflow)
Closed
#513 feat(orgs): auto-create default teams on org creation
Closed
#507 feat(issues): standard status presets and cross-org status migration
Closed
#460 feat: cascade merge — auto-create PRs to downstream branches after merge
Closed
#696 feat: add delete whitelist to branch protection rules
Closed
#555 feat(issues): org settings pages for Issue Types
Closed
#693 feat: discover workflows in subdirectories of .mokogitea/workflows/
Closed
#383 fix: http content file render (#37850)
Closed
#382 fix(actions): ack re-sent UpdateLog finalize idempotently (#37885)
Closed
#381 fix(actions): reject workflow_dispatch for workflows without that trigger (#37660)
Closed
#380 fix(actions): keep action run title clickable when commit subject is a URL (#37867)
Closed
#379 fix(actions): exclude workflow_call from workflow trigger detection (#37894)
Closed
#225 fix(security): cherry-pick upstream v1.26.2 security and bug fixes
Closed
#232 fix(actions): reject workflow_dispatch for workflows without that trigger (#37660)
Closed
#231 fix(actions): keep action run title clickable when commit subject is a URL (#37867)
Closed
#230 fix(actions): exclude workflow_call from workflow trigger detection (#37894)
Closed
#229 fix(actions): ack re-sent UpdateLog finalize idempotently (#37885)
Closed
#301 feat(licenses): license validation API endpoint
Closed
#299 feat(licenses): multi-site keys and domain enforcement
Closed
#298 feat(licenses): key expiry editing and domain assignment UI
Closed
#297 feat(licenses): store and display full keys with copy button
Closed
#296 feat(licenses): full commercial license management system
Closed
#134 feat: release license key generation and management
Closed
#697 feat: add API permission scopes for custom features
Closed
#691 Custom issue status API endpoint returns 404
Closed
#675 feat(wiki): print view and export (PDF, ZIP, single-page HTML)
Closed
#674 feat(wiki): per-folder access control for wiki sections
Closed
#673 feat(wiki): enhanced table of contents — collapsible, numbered, floating
Closed
#671 feat(wiki): wiki templates — reusable content blocks via transclusion
Closed
#668 feat(wiki): page categories via frontmatter
Closed
#667 feat(wiki): revision diff — compare any two wiki page versions
Closed
#690 fix: org metadata API endpoints should respect org visibility for unauthenticated requests
Closed
#664 feat: allow _Sidebar.md to override auto-generated wiki sidebar
Closed
#672 feat(wiki): page rename/move with automatic redirects
Closed
#670 feat(wiki): recent changes feed and wiki activity page
Closed
#666 feat(wiki): internal wikilinks with [[Page Name]] syntax
Closed
#669 feat(wiki): backlinks — "What links here" for wiki pages
Closed
#681 feat: enforce required baseline issue statuses with custom status support
Closed
#680 feat: add folder-based tree sidebar to org wiki
Closed
#676 feat: make metadata/manifest API endpoint publicly accessible without auth
Closed
#545 feat(wiki): full-text search across wiki pages
Closed
#663 chore: fix wiki — MokoMokoGitea typos, stale refs, add licensing docs
Closed
#615 Multi-repo license keys — single DLID covers multiple repos per product tier
Closed
#616 ROADMAP — Multi-repo licensing system implementation plan
Closed
#625 License management dashboard — user-facing license list, domains, entitlements
Closed
#626 Admin license management — create, revoke, modify licenses and tiers
Closed
#631 Upgrade/downgrade flow — tier changes without new DLID
Closed
#630 MokoSuite CRM integration — license purchase, DLID delivery, customer portal
Closed
#629 License status widget — Joomla admin module showing tier, expiry, domains
Closed
#628 Shared MokoSuite system plugin — single DLID entry, auto-configure all update sites
Closed
#627 Product tier admin — define tiers and repo-to-tier mappings
Closed
#624 License management API — CRUD for admin and user dashboard
Closed
#622 Signed download endpoint — ed25519 time-limited download URLs
Closed
#623 License validation API — validate DLID + product + domain
Closed
#621 Update XML endpoint — Joomla-compatible update server with DLID validation
Closed
#620 Activation model — domain registration, limit enforcement
Closed
#619 Entitlement model — product code mapping, tier expansion
Closed
#618 License model — CRUD, DLID generation, validation logic
Closed
#617 Database migration — license, entitlement, activation, product_tier tables
Closed
#649 bug: manifest_update tool missing fields available in manifest API
Closed
#651 Support GitHub-style org and user profile repos (.github, .profile)
Closed
#655 feat: generate changelog.xml in update stream from release descriptions
Closed
#650 feat: auto-generate display_name from extension_type + repo name
Closed
#646 refactor: rename package_type to extension_type across model, API, and manifest sync
Closed
#635 fix: derive Joomla element name from package_type + repo name
Closed
#632 feat: serve TUF metadata for Joomla update server endpoints
Closed
#598 feat(issues): make status_id, priority_id, type_id required on issue create
Closed
#597 feat(custom-fields): add required flag to custom field definitions
Closed
#601 fix: update server feed generation bugs in joomla.go
Closed
#607 Wiki API: content_base64 empty in POST/PATCH responses
Closed
#606 Wiki API: sub-pages with path separators return 404
Closed
#604 fix: feed generator should use FullElementName() instead of raw ElementName
Closed
#603 fix: pre-release version suffix number lost in update feed
Closed
#602 fix: update feed emits string client values instead of numeric 0/1
Closed
#581 fix(ui): raw file button should open in new window
Closed
#589 bug: update server feeds still respond when feature is disabled
Closed
#592 fix: update feed generates wrong element and type for Joomla packages
Closed
#512 feat(updateserver): use repo_manifest as metadata source in feed generators
Closed
#554 feat(mcp): npm auto-publish workflow on release
Closed
#596 Deploy issue metadata API — status, priority, type first-class fields
Closed
#594 Org wiki tab: switch from standalone wiki repos to .profile wiki sidecars
Closed
#593 Merge org wiki repos into profile repo wikis
Closed
#582 feat(manifest): consolidate update server settings into manifest
Closed
#580 fix: opening dot files returns 403 error
Closed
#578 fix(ui): add raw file link button to file view
Closed
#548 chore: rename moko-platform to MokoPlatform
Closed
#561 feat: built-in CDN asset delivery platform
Closed
#551 feat(security): dependency vulnerability scanner module
Closed
#508 feat(security): built-in security scanning platform for repositories
91 Issues created by 1 user
Opened
#545 feat(wiki): full-text search across wiki pages
Opened
#548 chore: rename moko-platform to MokoPlatform
Opened
#550 feat(wiki): full-text search across wiki pages
Opened
#549 feat(wiki): bulk migrate remaining flat wikis to folder structure
Opened
#551 feat(security): dependency vulnerability scanner module
Opened
#553 feat(mcp): SSE endpoint hosted at git.mokoconsulting.tech/mcp
Opened
#552 feat(security): code security analysis scanner module
Opened
#554 feat(mcp): npm auto-publish workflow on release
Opened
#555 feat(issues): org settings pages for Issue Types
Opened
#561 feat: built-in CDN asset delivery platform
Opened
#563 feat(cdn): custom domain mapping per organization
Opened
#564 feat(orgs): white-label custom domain with org branding
Opened
#578 fix(ui): add raw file link button to file view
Opened
#580 fix: opening dot files returns 403 error
Opened
#581 fix(ui): raw file button should open in new window
Opened
#582 feat(manifest): consolidate update server settings into manifest
Opened
#589 bug: update server feeds still respond when feature is disabled
Opened
#592 fix: update feed generates wrong element and type for Joomla packages
Opened
#593 Merge org wiki repos into profile repo wikis
Opened
#594 Org wiki tab: switch from standalone wiki repos to .profile wiki sidecars
Opened
#596 Deploy issue metadata API — status, priority, type first-class fields
Opened
#597 feat(custom-fields): add required flag to custom field definitions
Opened
#598 feat(issues): make status_id, priority_id, type_id required on issue create
Opened
#601 fix: update server feed generation bugs in joomla.go
Opened
#602 fix: update feed emits string client values instead of numeric 0/1
Opened
#603 fix: pre-release version suffix number lost in update feed
Opened
#604 fix: feed generator should use FullElementName() instead of raw ElementName
Opened
#606 Wiki API: sub-pages with path separators return 404
Opened
#607 Wiki API: content_base64 empty in POST/PATCH responses
Opened
#615 Multi-repo license keys — single DLID covers multiple repos per product tier
Opened
#616 ROADMAP — Multi-repo licensing system implementation plan
Opened
#617 Database migration — license, entitlement, activation, product_tier tables
Opened
#618 License model — CRUD, DLID generation, validation logic
Opened
#619 Entitlement model — product code mapping, tier expansion
Opened
#620 Activation model — domain registration, limit enforcement
Opened
#621 Update XML endpoint — Joomla-compatible update server with DLID validation
Opened
#622 Signed download endpoint — ed25519 time-limited download URLs
Opened
#623 License validation API — validate DLID + product + domain
Opened
#624 License management API — CRUD for admin and user dashboard
Opened
#625 License management dashboard — user-facing license list, domains, entitlements
Opened
#626 Admin license management — create, revoke, modify licenses and tiers
Opened
#627 Product tier admin — define tiers and repo-to-tier mappings
Opened
#628 Shared MokoSuite system plugin — single DLID entry, auto-configure all update sites
Opened
#629 License status widget — Joomla admin module showing tier, expiry, domains
Opened
#630 MokoSuite CRM integration — license purchase, DLID delivery, customer portal
Opened
#631 Upgrade/downgrade flow — tier changes without new DLID
Opened
#632 feat: serve TUF metadata for Joomla update server endpoints
Opened
#635 fix: derive Joomla element name from package_type + repo name
Opened
#646 refactor: rename package_type to extension_type across model, API, and manifest sync
Opened
#649 bug: manifest_update tool missing fields available in manifest API
Opened
#650 feat: auto-generate display_name from extension_type + repo name
Opened
#651 Support GitHub-style org and user profile repos (.github, .profile)
Opened
#655 feat: generate changelog.xml in update stream from release descriptions
Opened
#663 chore: fix wiki — MokoMokoGitea typos, stale refs, add licensing docs
Opened
#664 feat: allow _Sidebar.md to override auto-generated wiki sidebar
Opened
#665 feat(wiki): CodeMirror editor for wiki pages (replace EasyMDE)
Opened
#666 feat(wiki): internal wikilinks with [[Page Name]] syntax
Opened
#667 feat(wiki): revision diff — compare any two wiki page versions
Opened
#668 feat(wiki): page categories via frontmatter
Opened
#669 feat(wiki): backlinks — "What links here" for wiki pages
Opened
#670 feat(wiki): recent changes feed and wiki activity page
Opened
#671 feat(wiki): wiki templates — reusable content blocks via transclusion
Opened
#672 feat(wiki): page rename/move with automatic redirects
Opened
#673 feat(wiki): enhanced table of contents — collapsible, numbered, floating
Opened
#674 feat(wiki): per-folder access control for wiki sections
Opened
#675 feat(wiki): print view and export (PDF, ZIP, single-page HTML)
Opened
#676 feat: make metadata/manifest API endpoint publicly accessible without auth
Opened
#680 feat: add folder-based tree sidebar to org wiki
Opened
#681 feat: enforce required baseline issue statuses with custom status support
Opened
#690 fix: org metadata API endpoints should respect org visibility for unauthenticated requests
Opened
#691 Custom issue status API endpoint returns 404
Opened
#692 feat(security): built-in secret scanning (replace gitleaks CI workflow)
Opened
#693 feat: discover workflows in subdirectories of .mokogitea/workflows/
Opened
#696 feat: add delete whitelist to branch protection rules
Opened
#697 feat: add API permission scopes for custom features
Opened
#719 (feat) Comprehensive Mobile Responsiveness Across All Pages
Opened
#720 [BUG] Teams page not showing teams in organization
Opened
#721 [BUG] Issue Type not editable
Opened
#722 Cleanup and Standardization of issue templates through ecosystem
Opened
#723 (feat) Issue and Pull Request Voting (Upvote / Downvote)
Opened
#725 Enforce dot-prefixed repositories are always private (cannot be made public)
Opened
#727 Org-level branch protection is stored but never enforced (no enforcement/materialization)
Opened
#738 Expand OpenAPI spec + MCP tooling for org-governance endpoints (#727 series)
Opened
#744 feat: let issue templates set MokoGitea first-class fields (priority / status / type / custom fields)
Opened
#745 Org default teams: add Protected option + bot-account naming/auto-membership follow-ups (#513)
Opened
#746 Auto-add the actions bot to the CI/CD team on org creation (#513)
Opened
#747 Add a dedicated system API/automation bot account (mokogitea-api)
Opened
#749 Release notes from a curated release_notes.md (with CHANGELOG fallback + cycle reset)
Opened
#752 chore(deploy): rebuild + redeploy for moko-platform→mokocli manifest-schema rename (runner/mount preservation)
Opened
#753 Manifest platform auto-detects as nodejs, not go — pin platform in .mokogitea manifest
Opened
#759 Audit client/extension repos for stale manifest metadata (element_name / extension_type) → silent no-update
18 Unresolved Conversations
Open
#34
feat: Audit log API
Open
#2
feat: Custom fields on issues
Open
#331
tech-debt: Dropzone upload path consistency and error handling
Open
#332
tech-debt: OAuth2 link account and app secret regeneration
Open
#328
tech-debt: Implement incomplete pull request tests
Open
#303
feat(licenses): master package protection rules
Open
#302
feat(licenses): channels multiselect from org streams
Open
#300
feat(licenses): payment webhook API endpoint
Open
#135
feat: payment gateway plugins for release licensing (PayPal + Stripe)
Open
#308
tech-debt: Implement multiple-project filter for issues
Open
#133
feat: independent visibility controls for issues, wiki, and projects
Open
#9
feat: granular role-based permissions for all features
Open
#57
feat: Dolibarr project auto-creation from repo
Open
#28
feat(ui): Issue kanban board view
Open
#58
feat: Dolibarr invoice generation from milestones
Open
#50
feat: Discussion/forum system
Open
#17
feat(api): Issue template management
Open
#19
feat(api): Extended repository settings