Merge branch 'main' into dev

Merge pull request 'fix(ui): details/summary toggle for create package' (#294 ) from fix/admin-delete-only into dev
fix(ui): use HTML details/summary for package create toggle
2026-05-31 04:22:29 +00:00 · 2026-05-31 04:22:08 +00:00 · 2026-05-30 23:21:42 -05:00 · 2026-05-31 04:19:17 +00:00 · 2026-05-31 04:19:04 +00:00 · 2026-05-31 04:18:53 +00:00
2379 changed files with 21564 additions and 19296 deletions
@@ -1,134 +0,0 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 # SPDX-License-Identifier: GPL-3.0-or-later
 # BRIEF: Build MokoGitea Docker image, push to registry, and deploy
 name: Deploy MokoGitea
 on:
  workflow_dispatch:
    inputs:
      version:
        description: 'Version tag (e.g. v1.26.1-moko.2)'
        required: true
        default: 'latest'
      environment:
        description: 'Target environment'
        required: true
        default: 'dev'
        type: choice
        options:
          - dev
          - production
 concurrency:
  group: deploy-mokogitea
  cancel-in-progress: false
 env:
  REGISTRY: git.mokoconsulting.tech
  IMAGE: mokoconsulting/mokogitea
  DEPLOY_HOST: git.mokoconsulting.tech
  DEPLOY_PORT: 2918
  DEPLOY_USER: mokoconsulting
 jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Determine settings
        id: config
        run: |
          VERSION="${{ github.event.inputs.version }}"
          ENV="${{ github.event.inputs.environment }}"
          if [ "$ENV" = "production" ]; then
            echo "compose_dir=/opt/gitea" >> $GITHUB_OUTPUT
            echo "container=mokogitea" >> $GITHUB_OUTPUT
            echo "source_dir=/opt/gitea/source" >> $GITHUB_OUTPUT
            echo "branch=main" >> $GITHUB_OUTPUT
            echo "tag=${VERSION}" >> $GITHUB_OUTPUT
          else
            echo "compose_dir=/opt/gitea-dev" >> $GITHUB_OUTPUT
            echo "container=mokogitea-dev" >> $GITHUB_OUTPUT
            echo "source_dir=/opt/gitea-dev/source" >> $GITHUB_OUTPUT
            echo "branch=dev" >> $GITHUB_OUTPUT
            echo "tag=${VERSION}-dev" >> $GITHUB_OUTPUT
          fi
      - name: Build, push, and deploy via SSH
        env:
          SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
          TAG: ${{ steps.config.outputs.tag }}
          BRANCH: ${{ steps.config.outputs.branch }}
          SOURCE_DIR: ${{ steps.config.outputs.source_dir }}
          COMPOSE_DIR: ${{ steps.config.outputs.compose_dir }}
          CONTAINER: ${{ steps.config.outputs.container }}
        run: |
          mkdir -p ~/.ssh
          echo "$SSH_PRIVATE_KEY" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          SSH_CMD="ssh -i ~/.ssh/deploy_key -p ${{ env.DEPLOY_PORT }} -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}"
          $SSH_CMD "echo 'SSH connected'"
          # Pull latest source
          $SSH_CMD "
            set -e
            if [ ! -d ${SOURCE_DIR}/.git ]; then
              git clone -b ${BRANCH} https://git.mokoconsulting.tech/MokoConsulting/MokoGitea.git ${SOURCE_DIR}
            fi
            cd ${SOURCE_DIR}
            git fetch origin ${BRANCH}
            git reset --hard origin/${BRANCH}
          "
          # Build Docker image
          $SSH_CMD "
            set -e
            cd ${SOURCE_DIR}
            docker build --no-cache --build-arg GOFLAGS='-p 1' \
              --tag ${{ env.REGISTRY }}/${{ env.IMAGE }}:${TAG} \
              --tag ${{ env.REGISTRY }}/${{ env.IMAGE }}:latest \
              -f Dockerfile .
          "
          # Push to container registry
          $SSH_CMD "
            set -e
            docker push ${{ env.REGISTRY }}/${{ env.IMAGE }}:${TAG}
            docker push ${{ env.REGISTRY }}/${{ env.IMAGE }}:latest
          "
          # Update compose and restart
          $SSH_CMD "
            set -e
            cd ${COMPOSE_DIR}
            sed -i 's|${{ env.IMAGE }}:[^ ]*|${{ env.IMAGE }}:${TAG}|' docker-compose.yml
            docker compose up -d ${CONTAINER}
          "
          # Health check
          $SSH_CMD "
            for i in 1 2 3 4 5 6 7 8; do
              sleep 15
              if docker inspect --format='{{.State.Health.Status}}' ${CONTAINER} 2>/dev/null | grep -q healthy; then
                echo 'Container healthy!'
                docker inspect --format='Image: {{.Config.Image}}' ${CONTAINER}
                exit 0
              fi
              echo \"Waiting... (attempt \$i/8)\"
            done
            echo 'Health check failed'
            docker logs ${CONTAINER} --tail 20
            exit 1
          "
      - name: Verify
        run: |
          sleep 5
          curl -sf https://${{ env.DEPLOY_HOST }}/api/healthz && echo " — API healthy"
      - name: Notify on failure
        if: failure()
        run: echo "::error::Deploy failed for ${{ steps.config.outputs.tag }}"
@@ -44,7 +44,7 @@ linters:
              desc: use os or io instead
            - pkg: golang.org/x/exp
              desc: it's experimental and unreliable
-            - pkg: code.gitea.io/gitea/modules/git/internal
+            - pkg: git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/internal
              desc: do not use the internal package, use AddXxx function instead
            - pkg: gopkg.in/ini.v1
              desc: do not use the ini package, use gitea's config system instead
@@ -56,9 +56,9 @@ linters:
          files:
            - '**/models/migrations/**/*.go'
          deny:
-            - pkg: code.gitea.io/gitea/models$
+            - pkg: git.mokoconsulting.tech/MokoConsulting/MokoGitea/models$
              desc: migrations must not depend on the models package
-            - pkg: code.gitea.io/gitea/modules/structs
+            - pkg: git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs
              desc: migrations must not depend on modules/structs (API structures change over time)
    nolintlint:
      allow-unused: false
@@ -179,7 +179,7 @@ formatters:
      custom-order: true
      sections:
        - standard
-        - prefix(code.gitea.io/gitea)
+        - prefix(git.mokoconsulting.tech/MokoConsulting/MokoGitea)
        - blank
        - default
    gofumpt:
@@ -0,0 +1,9 @@
 ---
 name: ".mokogitea Test Template"
 about: "Verify .mokogitea issue templates work"
 labels: ["test"]
 ---
 This template was loaded from `.mokogitea/ISSUE_TEMPLATE/`.
 If you can see this, the `.mokogitea` dot-folder feature is working.
@@ -0,0 +1,251 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 # SPDX-License-Identifier: GPL-3.0-or-later
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: moko-platform.Automation
 # REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
 # PATH: /.gitea/workflows/branch-protection.yml
 # BRIEF: Apply standardised branch protection rules to all governed repositories
 #
 # +========================================================================+
 # |                   BRANCH PROTECTION SETUP                              |
 # +========================================================================+
 # |                                                                        |
 # |  Applies protection rules for: main, dev, rc, beta, alpha       |
 # |                                                                        |
 # |  main  — Require PR, block rejected reviews, no force push             |
 # |  dev   — Allow push, no force push, no delete                          |
 # |  rc  — Allow push, no force push, no delete                          |
 # |  beta — Allow push, no force push, no delete                         |
 # |  alpha — Allow push, no force push, no delete                        |
 # |                                                                        |
 # |  jmiller has override authority on all branches.                       |
 # |                                                                        |
 # +========================================================================+
 name: Branch Protection Setup
 on:
  schedule:
    - cron: '0 2 * * 1'  # Weekly Monday 02:00 UTC
  workflow_dispatch:
    inputs:
      dry_run:
        description: 'Preview mode (no changes)'
        required: false
        type: boolean
        default: false
      repos:
        description: 'Comma-separated repo names (empty = all governed repos)'
        required: false
        type: string
        default: ''
 env:
  GITEA_URL: https://git.mokoconsulting.tech
  GITEA_ORG: MokoConsulting
 permissions:
  contents: read
 jobs:
  protect:
    name: Apply Branch Protection Rules
    runs-on: ubuntu-latest
    steps:
      - name: Determine target repos
        id: repos
        env:
          GA_TOKEN: ${{ secrets.GA_TOKEN }}
        run: |
          API="${GITEA_URL}/api/v1"
          # Platform/standards/infra repos to exclude
          EXCLUDE="gitea-org-config org-profile gitea-private .mokogitea-private MokoStandards moko-platform MokoTesting"
          EXCLUDE="$EXCLUDE MokoStandards-Template-Client MokoStandards-Template-Dolibarr MokoStandards-Template-Generic MokoStandards-Template-Joomla MokoDoliProjTemplate"
          if [ -n "${{ inputs.repos }}" ]; then
            # User-specified repos
            REPOS=$(echo "${{ inputs.repos }}" | tr ',' ' ')
          else
            # Fetch all org repos
            PAGE=1
            REPOS=""
            while true; do
              BATCH=$(curl -sS \
                -H "Authorization: token ${GA_TOKEN}" \
                "${API}/orgs/${GITEA_ORG}/repos?page=${PAGE}&limit=50" \
                | jq -r '.[].name // empty')
              [ -z "$BATCH" ] && break
              REPOS="$REPOS $BATCH"
              PAGE=$((PAGE + 1))
            done
            # Filter out excluded repos
            FILTERED=""
            for REPO in $REPOS; do
              SKIP=false
              for EX in $EXCLUDE; do
                if [ "$REPO" = "$EX" ]; then
                  SKIP=true
                  break
                fi
              done
              if [ "$SKIP" = "false" ]; then
                FILTERED="$FILTERED $REPO"
              fi
            done
            REPOS="$FILTERED"
          fi
          echo "repos=$REPOS" >> "$GITHUB_OUTPUT"
          COUNT=$(echo "$REPOS" | wc -w)
          echo "📋 Target repos (${COUNT}): $REPOS"
      - name: Apply protection rules
        env:
          GA_TOKEN: ${{ secrets.GA_TOKEN }}
          DRY_RUN: ${{ inputs.dry_run || 'false' }}
        run: |
          API="${GITEA_URL}/api/v1"
          REPOS="${{ steps.repos.outputs.repos }}"
          SUCCESS=0
          FAILED=0
          SKIPPED=0
          # ── Rule definitions ──────────────────────────────────────
          # Only the CI bot (jmiller token) can push directly.
          # All human contributors must use PRs.
          # Force push disabled on all branches.
          RULE_MAIN='{
            "rule_name": "main",
            "enable_push": true,
            "enable_push_whitelist": true,
            "push_whitelist_usernames": ["jmiller"],
            "enable_force_push": false,
            "enable_force_push_allowlist": false,
            "force_push_allowlist_usernames": [],
            "enable_merge_whitelist": false,
            "required_approvals": 0,
            "dismiss_stale_approvals": true,
            "block_on_rejected_reviews": true,
            "block_on_outdated_branch": false,
            "priority": 1
          }'
          RULE_DEV='{
            "rule_name": "dev",
            "enable_push": true,
            "enable_push_whitelist": true,
            "push_whitelist_usernames": ["jmiller"],
            "enable_force_push": false,
            "enable_force_push_allowlist": false,
            "force_push_allowlist_usernames": [],
            "enable_merge_whitelist": false,
            "required_approvals": 0,
            "block_on_rejected_reviews": false,
            "priority": 2
          }'
          RULE_RC='{
            "rule_name": "rc",
            "enable_push": true,
            "enable_push_whitelist": true,
            "push_whitelist_usernames": ["jmiller"],
            "enable_force_push": false,
            "enable_force_push_allowlist": false,
            "force_push_allowlist_usernames": [],
            "enable_merge_whitelist": false,
            "required_approvals": 0,
            "block_on_rejected_reviews": false,
            "priority": 3
          }'
          RULE_BETA='{
            "rule_name": "beta",
            "enable_push": true,
            "enable_push_whitelist": true,
            "push_whitelist_usernames": ["jmiller"],
            "enable_force_push": false,
            "enable_force_push_allowlist": false,
            "force_push_allowlist_usernames": [],
            "enable_merge_whitelist": false,
            "required_approvals": 0,
            "block_on_rejected_reviews": false,
            "priority": 4
          }'
          RULE_ALPHA='{
            "rule_name": "alpha",
            "enable_push": true,
            "enable_push_whitelist": true,
            "push_whitelist_usernames": ["jmiller"],
            "enable_force_push": false,
            "enable_force_push_allowlist": false,
            "force_push_allowlist_usernames": [],
            "enable_merge_whitelist": false,
            "required_approvals": 0,
            "block_on_rejected_reviews": false,
            "priority": 5
          }'
          RULES=("$RULE_MAIN" "$RULE_DEV" "$RULE_RC" "$RULE_BETA" "$RULE_ALPHA")
          RULE_NAMES=("main" "dev" "rc" "beta" "alpha")
          # ── Apply rules to each repo ──────────────────────────────
          for REPO in $REPOS; do
            echo ""
            echo "═══ ${REPO} ═══"
            for i in "${!RULES[@]}"; do
              RULE="${RULES[$i]}"
              NAME="${RULE_NAMES[$i]}"
              if [ "$DRY_RUN" = "true" ]; then
                echo "  [DRY RUN] Would apply rule: ${NAME}"
                SKIPPED=$((SKIPPED + 1))
                continue
              fi
              # Delete existing rule if present (idempotent recreate)
              ENCODED_NAME=$(echo "$NAME" | sed 's|/|%2F|g')
              curl -sS -o /dev/null -w "" \
                -X DELETE \
                -H "Authorization: token ${GA_TOKEN}" \
                "${API}/repos/${GITEA_ORG}/${REPO}/branch_protections/${ENCODED_NAME}" 2>/dev/null || true
              # Create rule
              RESPONSE=$(curl -sS -w "\n%{http_code}" \
                -X POST \
                -H "Authorization: token ${GA_TOKEN}" \
                -H "Content-Type: application/json" \
                -d "$RULE" \
                "${API}/repos/${GITEA_ORG}/${REPO}/branch_protections")
              HTTP=$(echo "$RESPONSE" | tail -1)
              BODY=$(echo "$RESPONSE" | sed '$d')
              if [ "$HTTP" = "201" ]; then
                echo "  ✅ ${NAME}"
                SUCCESS=$((SUCCESS + 1))
              else
                echo "  ❌ ${NAME} (HTTP ${HTTP}): $(echo "$BODY" | jq -r '.message // .' 2>/dev/null | head -1)"
                FAILED=$((FAILED + 1))
              fi
            done
          done
          # ── Summary ───────────────────────────────────────────────
          echo ""
          echo "════════════════════════════════════════"
          echo "  ✅ Success: ${SUCCESS}"
          echo "  ❌ Failed:  ${FAILED}"
          echo "  ⏭️  Skipped: ${SKIPPED}"
          echo "════════════════════════════════════════"
          if [ "$FAILED" -gt 0 ]; then
            echo "::warning::${FAILED} rule(s) failed to apply"
          fi
@@ -0,0 +1,20 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <moko-platform xmlns="https://standards.mokoconsulting.tech/moko-platform/1.0" schema-version="1.0">
    <identity>
        <name>MokoGitea</name>
        <org>MokoConsulting</org>
        <description>Moko fork of Gitea — adding project board REST API endpoints and custom enhancements</description>
        <version>05.14.00</version>
        <license spdx="GPL-3.0-or-later">GNU General Public License v3</license>
    </identity>
    <governance>
        <platform>go</platform>
        <standards-version>05.00.00</standards-version>
        <standards-source>https://git.mokoconsulting.tech/MokoConsulting/moko-platform</standards-source>
    </governance>
    <build>
        <language>Go</language>
        <package-type>application</package-type>
        <entry-point>./</entry-point>
    </build>
 </moko-platform>
@@ -0,0 +1,48 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: MokoStandards.Universal
 # REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
 # PATH: /.mokogitea/workflows/branch-cleanup.yml
 # VERSION: 01.00.00
 # BRIEF: Delete feature branches after PR merge
 name: "Branch Cleanup"
 on:
  pull_request:
    types: [closed]
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
 jobs:
  cleanup:
    name: Delete merged branch
    runs-on: ubuntu-latest
    if: >-
      github.event.pull_request.merged == true &&
      github.event.pull_request.head.ref != 'dev' &&
      github.event.pull_request.head.ref != 'main'
    steps:
      - name: Delete source branch
        run: |
          BRANCH="${{ github.event.pull_request.head.ref }}"
          API="${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}/api/v1/repos/${{ github.repository }}/branches"
          ENCODED=$(php -r "echo rawurlencode('${BRANCH}');")
          STATUS=$(curl -sf -o /dev/null -w "%{http_code}" -X DELETE \
            -H "Authorization: token ${{ secrets.MOKOGITEA_TOKEN }}" \
            "${API}/${ENCODED}" 2>/dev/null || true)
          if [ "$STATUS" = "204" ]; then
            echo "Deleted branch: ${BRANCH}" >> $GITHUB_STEP_SUMMARY
          elif [ "$STATUS" = "404" ]; then
            echo "Branch already deleted: ${BRANCH}" >> $GITHUB_STEP_SUMMARY
          else
            echo "::warning::Failed to delete branch ${BRANCH} (HTTP ${STATUS})"
          fi
@@ -0,0 +1,262 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 # SPDX-License-Identifier: GPL-3.0-or-later
 # BRIEF: Build MokoGitea Docker image, push to registry, and deploy
 name: Deploy MokoGitea
 on:
  push:
    branches:
      - main
  workflow_dispatch:
    inputs:
      version:
        description: 'Version tag (e.g. v1.26.1-moko.05.01.00)'
        required: true
        default: 'latest'
      environment:
        description: 'Target environment'
        required: true
        default: 'dev'
        type: choice
        options:
          - dev
          - production
 concurrency:
  group: deploy-mokogitea
  cancel-in-progress: false
 env:
  REGISTRY: git.mokoconsulting.tech
  IMAGE: mokoconsulting/mokogitea
  DEPLOY_HOST: git.mokoconsulting.tech
  DEPLOY_PORT: 2918
  DEPLOY_USER: mokoconsulting
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
 jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout source (for version detection)
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Determine settings
        id: config
        run: |
          # On push to main, auto-deploy to production with git-derived version.
          # On workflow_dispatch, use the provided inputs.
          if [ "${{ github.event_name }}" = "push" ]; then
            VERSION=$(git describe --tags --always 2>/dev/null || echo "dev-$(git rev-parse --short HEAD)")
            ENV="production"
          else
            VERSION="${{ github.event.inputs.version }}"
            ENV="${{ github.event.inputs.environment }}"
          fi
          if [ "$ENV" = "production" ]; then
            echo "compose_dir=/opt/gitea" >> $GITHUB_OUTPUT
            echo "container=mokogitea" >> $GITHUB_OUTPUT
            echo "source_dir=/opt/gitea/source" >> $GITHUB_OUTPUT
            echo "branch=main" >> $GITHUB_OUTPUT
            echo "tag=${VERSION}" >> $GITHUB_OUTPUT
            echo "instance_url=https://git.mokoconsulting.tech" >> $GITHUB_OUTPUT
          else
            echo "compose_dir=/opt/gitea-dev" >> $GITHUB_OUTPUT
            echo "container=mokogitea-dev" >> $GITHUB_OUTPUT
            echo "source_dir=/opt/gitea-dev/source" >> $GITHUB_OUTPUT
            echo "branch=dev" >> $GITHUB_OUTPUT
            echo "tag=${VERSION}-dev" >> $GITHUB_OUTPUT
            echo "instance_url=https://git.dev.mokoconsulting.tech" >> $GITHUB_OUTPUT
          fi
      - name: Enable maintenance mode
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          INSTANCE_URL: ${{ steps.config.outputs.instance_url }}
        run: |
          echo "Enabling maintenance mode on ${INSTANCE_URL}..."
          curl -sf -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/x-www-form-urlencoded" \
            "${INSTANCE_URL}/-/admin/config" \
            -d 'key=instance.maintenance_mode&value={"AdminWebAccessOnly":true}' \
            || echo "WARNING: Could not enable maintenance mode (instance may be down)"
      - name: Build and deploy via SSH
        env:
          SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
          TAG: ${{ steps.config.outputs.tag }}
          BRANCH: ${{ steps.config.outputs.branch }}
          SOURCE_DIR: ${{ steps.config.outputs.source_dir }}
          COMPOSE_DIR: ${{ steps.config.outputs.compose_dir }}
          CONTAINER: ${{ steps.config.outputs.container }}
        run: |
          mkdir -p ~/.ssh
          echo "$SSH_PRIVATE_KEY" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          SSH_CMD="ssh -i ~/.ssh/deploy_key -p ${{ env.DEPLOY_PORT }} -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}"
          $SSH_CMD "echo 'SSH connected'"
          # Pre-deploy cleanup: free disk and memory for the build
          $SSH_CMD "
            echo 'Cleaning Docker build cache and unused images...'
            docker builder prune -af 2>/dev/null || true
            docker image prune -af 2>/dev/null || true
            echo 'Clearing swap...'
            sudo swapoff -a && sudo swapon -a 2>/dev/null || true
            echo 'Cleanup complete'
            free -m | head -3
          "
          # Pull latest source
          $SSH_CMD "
            set -e
            if [ ! -d ${SOURCE_DIR}/.git ]; then
              git clone -b ${BRANCH} https://git.mokoconsulting.tech/MokoConsulting/MokoGitea.git ${SOURCE_DIR}
            fi
            cd ${SOURCE_DIR}
            git fetch origin ${BRANCH}
            git reset --hard origin/${BRANCH}
          "
          # Build Docker image
          $SSH_CMD "
            set -e
            cd ${SOURCE_DIR}
            docker build --no-cache --build-arg GOFLAGS='-p 1' \
              --tag ${{ env.REGISTRY }}/${{ env.IMAGE }}:${TAG} \
              --tag ${{ env.REGISTRY }}/${{ env.IMAGE }}:latest \
              -f Dockerfile .
          "
          # Push to container registry
          $SSH_CMD "
            set -e
            docker push ${{ env.REGISTRY }}/${{ env.IMAGE }}:${TAG}
            docker push ${{ env.REGISTRY }}/${{ env.IMAGE }}:latest
          "
          # Update compose and restart
          $SSH_CMD "
            set -e
            cd ${COMPOSE_DIR}
            sed -i 's|${{ env.IMAGE }}:[^ ]*|${{ env.IMAGE }}:${TAG}|' docker-compose.yml
            docker compose up -d ${CONTAINER}
          "
          # Health check
          $SSH_CMD "
            for i in 1 2 3 4 5 6 7 8; do
              sleep 15
              if docker inspect --format='{{.State.Health.Status}}' ${CONTAINER} 2>/dev/null | grep -q healthy; then
                echo 'Container healthy!'
                docker inspect --format='Image: {{.Config.Image}}' ${CONTAINER}
                exit 0
              fi
              echo \"Waiting... (attempt \$i/8)\"
            done
            echo 'Health check failed'
            docker logs ${CONTAINER} --tail 20
            exit 1
          "
      - name: Update updates.xml
        if: success()
        env:
          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
          TAG: ${{ steps.config.outputs.tag }}
          INSTANCE_URL: ${{ steps.config.outputs.instance_url }}
          DEPLOY_ENV: ${{ github.event.inputs.environment || 'production' }}
        run: |
          # Only update updates.xml for production stable releases
          if [ "$DEPLOY_ENV" != "production" ]; then
            echo "Skipping updates.xml — dev deployments don't update stable channel"
            exit 0
          fi
          # Extract moko version from tag (e.g. v1.26.1-moko.05.01.01 -> 05.01.01)
          MOKO_VER=$(echo "$TAG" | sed -n 's/.*-moko\.\(.*\)/\1/p')
          if [ -z "$MOKO_VER" ]; then
            echo "Could not extract moko version from tag: $TAG"
            exit 0
          fi
          RELEASE_URL="https://${REGISTRY}/MokoConsulting/MokoGitea/releases/tag/${TAG}"
          DOCKER_IMG="${REGISTRY}/${IMAGE}:${TAG}"
          python3 << PYEOF
          import json, os, re, base64, urllib.request
          token = os.environ["GITEA_TOKEN"]
          registry = os.environ["REGISTRY"]
          tag = os.environ["TAG"]
          moko_ver = os.environ["MOKO_VER"]
          release_url = os.environ["RELEASE_URL"]
          docker_img = os.environ["DOCKER_IMG"]
          api = f"https://{registry}/api/v1/repos/MokoConsulting/MokoGitea"
          # Fetch current updates.xml
          req = urllib.request.Request(f"{api}/contents/updates.xml?ref=main",
              headers={"Authorization": f"token {token}"})
          with urllib.request.urlopen(req) as resp:
              data = json.loads(resp.read())
          sha = data["sha"]
          content = base64.b64decode(data["content"]).decode("utf-8")
          # Update stable channel — match the <update> block containing <tag>stable</tag>
          def replace_channel(xml, channel, ver, url, docker):
              pattern = rf"(<update>\s*<name>MokoGitea</name>[\s\S]*?<tags><tag>{channel}</tag></tags>[\s\S]*?</update>)"
              def replacer(m):
                  block = m.group(1)
                  block = re.sub(r"<version>[^<]*</version>", f"<version>{ver}</version>", block)
                  block = re.sub(r"(<infourl[^>]*>)[^<]*(</infourl>)", rf"\1{url}\2", block)
                  block = re.sub(r"(<downloadurl[^>]*>)[^<]*(</downloadurl>)", rf"\1{docker}\2", block)
                  return block
              return re.sub(pattern, replacer, xml)
          content = replace_channel(content, "stable", moko_ver, release_url, docker_img)
          content = re.sub(r"VERSION: [^\n]*", f"VERSION: {moko_ver}", content)
          # Push updated file
          encoded = base64.b64encode(content.encode()).decode()
          payload = json.dumps({
              "message": f"chore(ci): update updates.xml to {moko_ver}",
              "content": encoded,
              "sha": sha,
              "branch": "main",
          }).encode()
          req = urllib.request.Request(f"{api}/contents/updates.xml",
              data=payload, method="PUT",
              headers={"Authorization": f"token {token}", "Content-Type": "application/json"})
          with urllib.request.urlopen(req) as resp:
              print(f"updates.xml updated to {moko_ver}")
          PYEOF
      - name: Disable maintenance mode
        if: always()
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          INSTANCE_URL: ${{ steps.config.outputs.instance_url }}
        run: |
          echo "Disabling maintenance mode on ${INSTANCE_URL}..."
          curl -sf -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/x-www-form-urlencoded" \
            "${INSTANCE_URL}/-/admin/config" \
            -d 'key=instance.maintenance_mode&value={"AdminWebAccessOnly":false}' \
            || echo "WARNING: Could not disable maintenance mode"
      - name: Verify
        run: |
          sleep 5
          curl -sf https://${{ env.DEPLOY_HOST }}/api/healthz && echo " — API healthy"
      - name: Notify on failure
        if: failure()
        run: echo "::error::Deploy failed for ${{ steps.config.outputs.tag }}"
@@ -0,0 +1,73 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: moko-platform.Automation
 # VERSION: 05.14.00
 # BRIEF: Auto-create feature branch when an issue is opened
 name: "Universal: Issue Branch"
 on:
  issues:
    types: [opened]
 permissions:
  contents: write
  issues: write
 env:
  GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
 jobs:
  create-branch:
    name: Create feature branch
    runs-on: ubuntu-latest
    steps:
      - name: Create branch and comment
        run: |
          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
          ISSUE_NUM="${{ github.event.issue.number }}"
          ISSUE_TITLE="${{ github.event.issue.title }}"
          # Build slug from title: lowercase, replace non-alnum with dash, trim
          SLUG=$(echo "${ISSUE_TITLE}" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9]/-/g' | sed 's/--*/-/g' | sed 's/^-//;s/-$//' | cut -c1-40)
          BRANCH="feature/${ISSUE_NUM}-${SLUG}"
          # Check dev branch exists
          DEV_EXISTS=$(curl -sf -o /dev/null -w '%{http_code}' \
            -H "Authorization: token ${TOKEN}" \
            "${API}/branches/dev" 2>/dev/null || echo "000")
          if [ "${DEV_EXISTS}" != "200" ]; then
            echo "No dev branch -- skipping"
            exit 0
          fi
          # Create branch from dev
          HTTP=$(curl -sf -o /dev/null -w '%{http_code}' -X POST \
            -H "Authorization: token ${TOKEN}" \
            -H "Content-Type: application/json" \
            "${API}/branches" \
            -d "{\"new_branch_name\":\"${BRANCH}\",\"old_branch_name\":\"dev\"}" 2>/dev/null || echo "000")
          if [ "${HTTP}" = "201" ]; then
            echo "Created branch: ${BRANCH}"
            # Comment on issue with branch link
            REPO_URL="${GITEA_URL}/${{ github.repository }}"
            BODY="Branch created: [\`${BRANCH}\`](${REPO_URL}/src/branch/${BRANCH})\n\n\`\`\`bash\ngit fetch origin\ngit checkout ${BRANCH}\n\`\`\`"
            curl -sf -X POST \
              -H "Authorization: token ${TOKEN}" \
              -H "Content-Type: application/json" \
              "${API}/issues/${ISSUE_NUM}/comments" \
              -d "{\"body\":\"${BODY}\"}" > /dev/null 2>&1
            echo "Commented on issue #${ISSUE_NUM}"
          else
            echo "Failed to create branch (HTTP ${HTTP}) -- may already exist"
          fi
@@ -0,0 +1,236 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: moko-platform.CI
 # REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/moko-platform
 # PATH: /templates/workflows/universal/pr-check.yml.template
 # VERSION: 05.00.00
 # BRIEF: PR gate — branch policy + code validation before merge
 name: "Universal: PR Check"
 on:
  pull_request:
    types: [opened, synchronize, reopened, edited]
 permissions:
  contents: read
  pull-requests: write
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
 jobs:
  # ── Branch Policy ──────────────────────────────────────────────────────
  branch-policy:
    name: Branch Policy
    runs-on: ubuntu-latest
    steps:
      - name: Check branch merge target
        run: |
          HEAD="${{ github.head_ref }}"
          BASE="${{ github.base_ref }}"
          echo "PR: ${HEAD} → ${BASE}"
          ALLOWED=true
          REASON=""
          case "$HEAD" in
            feature/*|feat/*)
              if [ "$BASE" != "dev" ]; then
                ALLOWED=false
                REASON="Feature branches must target 'dev', not '${BASE}'"
              fi
              ;;
            fix/*|bugfix/*)
              if [ "$BASE" != "dev" ]; then
                ALLOWED=false
                REASON="Fix branches must target 'dev', not '${BASE}'"
              fi
              ;;
            patch/*)
              if [ "$BASE" != "dev" ] && [ "$BASE" != "rc" ]; then
                ALLOWED=false
                REASON="Patch branches must target 'dev' or 'rc', not '${BASE}'"
              fi
              ;;
            hotfix/*)
              if [ "$BASE" != "dev" ] && [ "$BASE" != "main" ]; then
                ALLOWED=false
                REASON="Hotfix branches can only target 'dev' or 'main', not '${BASE}'"
              fi
              ;;
            rc)
              if [ "$BASE" != "main" ]; then
                ALLOWED=false
                REASON="RC branch can only merge into 'main', not '${BASE}'"
              fi
              ;;
            dev)
              if [ "$BASE" != "main" ]; then
                ALLOWED=false
                REASON="Dev branch can only merge into 'main', not '${BASE}'"
              fi
              ;;
          esac
          if [ "$ALLOWED" = false ]; then
            echo "::error::${REASON}"
            echo "## Branch Policy Violation" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "${REASON}" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "### Allowed merge paths:" >> $GITHUB_STEP_SUMMARY
            echo "- \`feature/*\` → \`dev\`" >> $GITHUB_STEP_SUMMARY
            echo "- \`fix/*\` → \`dev\`" >> $GITHUB_STEP_SUMMARY
            echo "- \`hotfix/*\` → \`dev\` or \`main\`" >> $GITHUB_STEP_SUMMARY
            echo "- \`dev\` → \`main\`" >> $GITHUB_STEP_SUMMARY
            echo "- \`rc/*\` → \`main\`" >> $GITHUB_STEP_SUMMARY
            exit 1
          fi
          echo "Branch policy: OK (${HEAD} → ${BASE})"
          echo "## Branch Policy: Passed" >> $GITHUB_STEP_SUMMARY
  # ── Code Validation ────────────────────────────────────────────────────
  validate:
    name: Validate PR
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Detect platform
        id: platform
        run: |
          # Read platform from XML manifest (<platform> tag) or plain text fallback
          PLATFORM=$(sed -n 's/.*<platform>\([^<]*\)<\/platform>.*/\1/p' .mokogitea/manifest.xml 2>/dev/null | head -1)
          [ -z "$PLATFORM" ] && PLATFORM=$(cat .mokogitea/manifest.xml 2>/dev/null | tr -d '[:space:]')
          [ -z "$PLATFORM" ] && PLATFORM="generic"
          echo "platform=$PLATFORM" >> "$GITHUB_OUTPUT"
      - name: Setup PHP
        if: steps.platform.outputs.platform == 'joomla' || steps.platform.outputs.platform == 'dolibarr'
        run: |
          if ! command -v php &> /dev/null; then
            sudo apt-get update -qq
            sudo apt-get install -y -qq php-cli php-mbstring php-xml >/dev/null 2>&1
          fi
      - name: PHP syntax check
        if: steps.platform.outputs.platform == 'joomla' || steps.platform.outputs.platform == 'dolibarr'
        run: |
          ERRORS=0
          while IFS= read -r -d '' file; do
            if ! php -l "$file" 2>&1 | grep -q "No syntax errors"; then
              ERRORS=$((ERRORS + 1))
            fi
          done < <(find . -name "*.php" -not -path "./.git/*" -not -path "./vendor/*" -print0)
          echo "PHP lint: ${ERRORS} error(s)"
          [ "$ERRORS" -eq 0 ] || { echo "::error::PHP syntax errors found"; exit 1; }
      - name: Validate platform manifest
        run: |
          PLATFORM="${{ steps.platform.outputs.platform }}"
          case "$PLATFORM" in
            joomla)
              MANIFEST=$(find . -maxdepth 3 -name "*.xml" ! -path "./.git/*" -exec grep -l '<extension' {} \; 2>/dev/null | head -1)
              if [ -z "$MANIFEST" ]; then
                echo "::warning::No Joomla manifest found (WaaS site)"
                exit 0
              fi
              echo "Manifest: ${MANIFEST}"
              if command -v php &> /dev/null; then
                php -r "libxml_use_internal_errors(true); \$x = simplexml_load_file('$MANIFEST'); if(!\$x){foreach(libxml_get_errors() as \$e) echo \$e->message; exit(1);}" || { echo "::error::Manifest XML is malformed"; exit 1; }
              fi
              for ELEMENT in name version description; do
                grep -q "<${ELEMENT}>" "$MANIFEST" || { echo "::error::Missing <${ELEMENT}> in manifest"; exit 1; }
              done
              echo "Joomla manifest valid"
              ;;
            dolibarr)
              MOD_FILE=$(find . -maxdepth 4 -name "mod*.class.php" ! -path "./.git/*" -exec grep -l 'extends DolibarrModules' {} \; 2>/dev/null | head -1)
              if [ -z "$MOD_FILE" ]; then
                echo "::error::No mod*.class.php found"
                exit 1
              fi
              echo "Dolibarr module: ${MOD_FILE}"
              ;;
            *)
              echo "Generic platform — no manifest validation"
              ;;
          esac
      - name: Check update stream format
        run: |
          PLATFORM="${{ steps.platform.outputs.platform }}"
          case "$PLATFORM" in
            joomla)
              if [ -f "updates.xml" ]; then
                if command -v php &> /dev/null; then
                  php -r "libxml_use_internal_errors(true); \$x = simplexml_load_file('updates.xml'); if(!\$x){foreach(libxml_get_errors() as \$e) echo \$e->message; exit(1);}" || { echo "::error::updates.xml is malformed"; exit 1; }
                fi
                echo "updates.xml valid"
              fi
              ;;
            dolibarr)
              [ -f "update.txt" ] && echo "update.txt present" || echo "::warning::No update.txt"
              ;;
          esac
      - name: Check changelog has unreleased entry
        run: |
          if [ ! -f "CHANGELOG.md" ]; then
            echo "::warning::No CHANGELOG.md found"
            exit 0
          fi
          # Check for content under [Unreleased] section
          if ! grep -q "## \[Unreleased\]" CHANGELOG.md; then
            echo "::error::CHANGELOG.md missing [Unreleased] section"
            exit 1
          fi
          # Check there's at least one entry (Added/Changed/Fixed/Removed) under Unreleased
          UNRELEASED_CONTENT=$(sed -n '/## \[Unreleased\]/,/## \[/p' CHANGELOG.md | grep -cE '^\s*-\s' || true)
          if [ "$UNRELEASED_CONTENT" -eq 0 ]; then
            echo "::error::CHANGELOG.md [Unreleased] section has no entries. Add a changelog entry describing your changes."
            echo "## Changelog Check: Failed" >> $GITHUB_STEP_SUMMARY
            echo "The \`[Unreleased]\` section in CHANGELOG.md has no entries." >> $GITHUB_STEP_SUMMARY
            echo "Add a line like \`- Description of your change\` under a heading (\`### Added\`, \`### Changed\`, \`### Fixed\`, etc.)" >> $GITHUB_STEP_SUMMARY
            exit 1
          fi
          echo "Changelog: ${UNRELEASED_CONTENT} entry/entries in [Unreleased]"
      - name: Verify package source
        run: |
          SOURCE_DIR="src"
          [ ! -d "$SOURCE_DIR" ] && SOURCE_DIR="htdocs"
          if [ ! -d "$SOURCE_DIR" ]; then
            echo "::warning::No src/ or htdocs/ directory"
            exit 0
          fi
          FILE_COUNT=$(find "$SOURCE_DIR" -type f | wc -l)
          echo "Source: ${FILE_COUNT} files"
          [ "$FILE_COUNT" -gt 0 ] || { echo "::error::Source directory is empty"; exit 1; }
  # ── Pre-Release RC Build ─────────────────────────────────────────────────
  pre-release:
    name: Build RC Package
    runs-on: ubuntu-latest
    needs: [branch-policy, validate]
    steps:
      - name: Trigger RC pre-release
        env:
          GA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
          REPO: ${{ github.repository }}
          BRANCH: ${{ github.head_ref }}
          GITEA_URL: ${{ vars.GITEA_URL || 'https://git.mokoconsulting.tech' }}
        run: |
          curl -s -X POST             "${GITEA_URL}/api/v1/repos/${REPO}/actions/workflows/pre-release.yml/dispatches"             -H "Authorization: token ${GITEA_TOKEN}"             -H "Content-Type: application/json"             -d "{\"ref\":\"${BRANCH}\",\"inputs\":{\"stability\":\"release-candidate\"}}"
          echo "### Pre-Release" >> $GITHUB_STEP_SUMMARY
          echo "Triggered RC build on branch \`${BRANCH}\`" >> $GITHUB_STEP_SUMMARY
@@ -0,0 +1,170 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 # SPDX-License-Identifier: GPL-3.0-or-later
 # BRIEF: Auto-build RC release on PR to main, update RC update stream
 name: "PR RC Release"
 on:
  pull_request:
    types: [opened, synchronize]
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
  REGISTRY: git.mokoconsulting.tech
  IMAGE: mokoconsulting/mokogitea
 permissions:
  contents: write
 jobs:
  rc-release:
    name: Build RC Release
    runs-on: ubuntu-latest
    steps:
      - name: Check target branch
        id: guard
        env:
          BASE_BRANCH: ${{ github.base_ref }}
        run: |
          echo "PR target: ${BASE_BRANCH}"
          if [ "$BASE_BRANCH" != "main" ]; then
            echo "skip=true" >> "$GITHUB_OUTPUT"
            echo "Skipping RC — only for PRs targeting main"
          else
            echo "skip=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Checkout PR branch
        if: steps.guard.outputs.skip != 'true'
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          fetch-depth: 0
      - name: Determine RC version
        if: steps.guard.outputs.skip != 'true'
        id: version
        env:
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          BASE_VERSION=$(sed -n 's/.*<version>\(.*\)<\/version>.*/\1/p' updates.xml | head -1)
          [ -z "$BASE_VERSION" ] && BASE_VERSION="04.00.00"
          RC_VERSION="${BASE_VERSION}-rc.${PR_NUMBER}"
          RC_TAG="v1.26.1-moko.${RC_VERSION}"
          echo "version=$RC_VERSION" >> "$GITHUB_OUTPUT"
          echo "tag=$RC_TAG" >> "$GITHUB_OUTPUT"
          echo "RC version: $RC_VERSION (tag: $RC_TAG)"
      - name: Update updates.xml RC channel
        if: steps.guard.outputs.skip != 'true'
        env:
          RC_VERSION: ${{ steps.version.outputs.version }}
          RC_TAG: ${{ steps.version.outputs.tag }}
          PR_URL: ${{ github.event.pull_request.html_url }}
          PR_NUM: ${{ github.event.pull_request.number }}
        run: |
          DOCKER_TAG="${REGISTRY}/${IMAGE}:${RC_TAG}"
          python3 << 'PYEOF'
          import os, re
          rc_version = os.environ["RC_VERSION"]
          rc_tag = os.environ["RC_TAG"]
          pr_url = os.environ["PR_URL"]
          pr_num = os.environ["PR_NUM"]
          docker_tag = os.environ["REGISTRY"] + "/" + os.environ["IMAGE"] + ":" + rc_tag
          entry = f"""  <update>
            <name>MokoGitea</name>
            <description>MokoGitea RC from PR #{pr_num}</description>
            <element>mokogitea</element>
            <type>application</type>
            <version>{rc_version}</version>
            <client>server</client>
            <tags><tag>rc</tag></tags>
            <infourl title="MokoGitea RC">{pr_url}</infourl>
            <downloads>
              <downloadurl type="full" format="docker">{docker_tag}</downloadurl>
            </downloads>
            <sha256></sha256>
            <targetplatform name="mokogitea" version="((1\\.25\\.)|(1\\.26\\.))" />
            <maintainer>Moko Consulting</maintainer>
            <maintainerurl>https://mokoconsulting.tech</maintainerurl>
          </update>"""
          content = open("updates.xml").read()
          # Remove existing RC entry
          content = re.sub(
              r"\s*<update>[\s\S]*?<tag>rc</tag>[\s\S]*?</update>",
              "",
              content,
          )
          # Insert before </updates>
          content = content.replace("</updates>", entry + "\n</updates>")
          open("updates.xml", "w").write(content)
          print(f"Updated updates.xml with RC entry: {rc_version}")
          PYEOF
      - name: Create RC release
        if: steps.guard.outputs.skip != 'true'
        env:
          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
          RC_TAG: ${{ steps.version.outputs.tag }}
          RC_VERSION: ${{ steps.version.outputs.version }}
          PR_TITLE: ${{ github.event.pull_request.title }}
          PR_URL: ${{ github.event.pull_request.html_url }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
          API_BASE: https://${{ env.REGISTRY }}/api/v1/repos/${{ github.repository }}
        run: |
          # Delete existing RC release/tag if present
          curl -s -X DELETE -H "Authorization: token ${GITEA_TOKEN}" \
            "${API_BASE}/releases/tags/${RC_TAG}" 2>/dev/null || true
          curl -s -X DELETE -H "Authorization: token ${GITEA_TOKEN}" \
            "${API_BASE}/tags/${RC_TAG}" 2>/dev/null || true
          # Create prerelease
          python3 << PYEOF
          import json, os, urllib.request
          api = os.environ["API_BASE"]
          token = os.environ["GITEA_TOKEN"]
          payload = json.dumps({
              "tag_name": os.environ["RC_TAG"],
              "target_commitish": os.environ["HEAD_SHA"],
              "name": f"RC: {os.environ['PR_TITLE']}",
              "body": f"Release candidate from PR #{os.environ['PR_NUMBER']}\n\nPR: {os.environ['PR_URL']}\nDocker: docker pull {os.environ['REGISTRY']}/{os.environ['IMAGE']}:{os.environ['RC_TAG']}",
              "draft": False,
              "prerelease": True,
          }).encode()
          req = urllib.request.Request(
              f"{api}/releases",
              data=payload,
              headers={
                  "Authorization": f"token {token}",
                  "Content-Type": "application/json",
              },
              method="POST",
          )
          with urllib.request.urlopen(req) as resp:
              result = json.loads(resp.read())
              print(f"Created RC release: {result.get('tag_name')}")
          PYEOF
      - name: Commit updates.xml
        if: steps.guard.outputs.skip != 'true'
        env:
          GITEA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
          HEAD_REF: ${{ github.event.pull_request.head.ref }}
          PR_NUM: ${{ github.event.pull_request.number }}
        run: |
          git config user.name "MokoGitea Bot"
          git config user.email "deploy@mokoconsulting.tech"
          git add updates.xml
          if git diff --cached --quiet; then
            echo "No changes to updates.xml"
          else
            git commit -m "chore(ci): update RC stream for PR #${PR_NUM}"
            git push origin "HEAD:${HEAD_REF}" || echo "Push failed"
          fi
@@ -0,0 +1,12 @@
 # Test workflow to verify .mokogitea/ directory is discovered
 name: Test .mokogitea workflows
 on:
  workflow_dispatch:
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Verify .mokogitea
        run: echo "This workflow ran from .mokogitea/workflows/ — feature works!"
@@ -0,0 +1,167 @@
 # Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
 # SPDX-License-Identifier: GPL-3.0-or-later
 # BRIEF: Sync upstream Gitea bug fixes into MokoGitea issue tracker
 name: Upstream Bug Sync
 on:
  schedule:
    - cron: '0 8 * * *'  # daily at 08:00 UTC
  workflow_dispatch:
    inputs:
      days_back:
        description: 'How many days back to scan (default: 7)'
        required: false
        default: '7'
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
 jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
      - name: Sync upstream bugs
        env:
          GH_TOKEN: ${{ secrets.GH_MIRROR_TOKEN }}
          MOKOGITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          MOKOGITEA_URL: https://git.mokoconsulting.tech
          MOKOGITEA_REPO: MokoConsulting/MokoGitea
          UPSTREAM_BRANCH: release/v1.26
          DAYS_BACK: ${{ github.event.inputs.days_back || '7' }}
        run: |
          python3 << 'PYEOF'
          import json, os, re, sys, urllib.parse, urllib.request
          from datetime import datetime, timedelta, timezone
          GH_TOKEN = os.environ["GH_TOKEN"]
          MOKO_TOKEN = os.environ["MOKOGITEA_TOKEN"]
          MOKO_URL = os.environ["MOKOGITEA_URL"]
          MOKO_REPO = os.environ["MOKOGITEA_REPO"]
          BRANCH = os.environ["UPSTREAM_BRANCH"]
          DAYS = int(os.environ.get("DAYS_BACK", "7"))
          # Label IDs in MokoGitea
          LABELS = {
              "type_bug": 5757, "upstream": 5758, "security": 5032,
              "critical": 5018, "high": 5019, "medium": 5020, "low": 5021,
          }
          def gh_get(url):
              req = urllib.request.Request(url, headers={
                  "Authorization": f"token {GH_TOKEN}",
                  "Accept": "application/vnd.github.v3+json",
              })
              with urllib.request.urlopen(req) as r:
                  return json.loads(r.read())
          def moko_get(path):
              req = urllib.request.Request(f"{MOKO_URL}/api/v1/{path}", headers={
                  "Authorization": f"token {MOKO_TOKEN}",
              })
              with urllib.request.urlopen(req) as r:
                  return json.loads(r.read())
          def moko_post(path, data):
              payload = json.dumps(data).encode()
              req = urllib.request.Request(f"{MOKO_URL}/api/v1/{path}",
                  data=payload, method="POST", headers={
                      "Authorization": f"token {MOKO_TOKEN}",
                      "Content-Type": "application/json",
                  })
              with urllib.request.urlopen(req) as r:
                  return json.loads(r.read())
          # ── Step 1: Find recently merged upstream PRs ──
          since = (datetime.now(timezone.utc) - timedelta(days=DAYS)).strftime("%Y-%m-%dT%H:%M:%SZ")
          query = f"repo:go-gitea/gitea is:pr is:merged base:{BRANCH} merged:>={since}"
          encoded = urllib.parse.quote(query)
          print(f"Scanning: {query}")
          result = gh_get(f"https://api.github.com/search/issues?q={encoded}&per_page=100&sort=updated&order=desc")
          total = result["total_count"]
          print(f"Found {total} merged PRs in the last {DAYS} days")
          if total == 0:
              print("Nothing to sync.")
              sys.exit(0)
          # ── Step 2: Filter for bug/security fixes ──
          bugs = []
          for pr in result["items"]:
              title = pr["title"]
              label_names = [l["name"].lower() for l in pr.get("labels", [])]
              is_fix = title.lower().startswith("fix")
              is_security = any("security" in l for l in label_names) or "[security]" in title.lower()
              is_bug = any("bug" in l for l in label_names)
              if not (is_fix or is_security or is_bug):
                  continue
              refs = re.findall(r"#(\d+)", title)
              severity = "critical" if is_security and "[security]" in title.lower() else \
                         "high" if is_security else "medium"
              bugs.append({
                  "number": pr["number"], "title": title, "url": pr["html_url"],
                  "severity": severity, "is_security": is_security, "refs": refs,
                  "merged": pr.get("pull_request", {}).get("merged_at", "")[:10],
              })
          print(f"Filtered to {len(bugs)} bug/security fixes")
          if not bugs:
              sys.exit(0)
          # ── Step 3: Collect already-tracked PR numbers ──
          tracked = set()
          for state in ["open", "closed"]:
              try:
                  issues = moko_get(f"repos/{MOKO_REPO}/issues?state={state}&type=issues&limit=50&labels=upstream")
                  for iss in issues:
                      text = (iss.get("body") or "") + " " + (iss.get("title") or "")
                      tracked.update(re.findall(r"(?:#|/pull/)(\d{4,})", text))
              except Exception:
                  pass
          print(f"Already tracked: {len(tracked)} upstream PRs")
          # ── Step 4: Create issues for new bugs ──
          created = skipped = errors = 0
          for bug in bugs:
              if any(r in tracked for r in bug["refs"]):
                  print(f"  SKIP #{bug['number']}: {bug['title'][:55]} (tracked)")
                  skipped += 1
                  continue
              labels = [LABELS["type_bug"], LABELS["upstream"], LABELS[bug["severity"]]]
              if bug["is_security"]:
                  labels.append(LABELS["security"])
              body = (
                  f"## Summary\n\n"
                  f"Upstream bug fix merged into `{BRANCH}`.\n\n"
                  f"## Upstream Reference\n\n"
                  f"- PR: {bug['url']}\n"
                  f"- Merged: {bug['merged']}\n"
                  f"- Branch: {BRANCH}\n\n"
                  f"## Severity: {bug['severity'].title()}"
                  f"{'  (security)' if bug['is_security'] else ''}\n\n"
                  f"## Action\n\n"
                  f"Cherry-pick from upstream `{BRANCH}` branch.\n\n"
                  f"---\n"
                  f"*Auto-created by upstream-bug-sync workflow*\n"
                  f"*Authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>*"
              )
              try:
                  iss = moko_post(f"repos/{MOKO_REPO}/issues", {
                      "title": bug["title"], "body": body, "labels": labels,
                  })
                  print(f"  CREATED #{iss['number']}: {bug['title'][:55]}")
                  created += 1
              except Exception as e:
                  print(f"  ERROR #{bug['number']}: {e}")
                  errors += 1
          print(f"\n=== Done: {created} created, {skipped} skipped, {errors} errors ===")
          PYEOF
@@ -1,293 +1,161 @@
-# Contribution Guidelines
+# Contributing to Moko Consulting Projects
-This document explains how to contribute changes to the Gitea project. Topic-specific guides live in separate files so the essentials are easier to find.
+Thank you for your interest in contributing. All Moko Consulting repositories follow this universal workflow and version policy.
-| Topic | Document |
+## Branching Workflow
 | :---- | :------- |
 | Backend (Go modules, API v1) | [docs/guideline-backend.md](docs/guideline-backend.md) |
 | Frontend (npm, UI guidelines) | [docs/guideline-frontend.md](docs/guideline-frontend.md) |
 | Maintainers, TOC, labels, merge queue, commit format for mergers | [docs/community-governance.md](docs/community-governance.md) |
 | Release cycle, backports, tagging releases | [docs/release-management.md](docs/release-management.md) |
 <details><summary>Table of Contents</summary>
 - [Contribution Guidelines](#contribution-guidelines)
  - [Introduction](#introduction)
  - [AI Contribution Policy](#ai-contribution-policy)
  - [Issues](#issues)
    - [How to report issues](#how-to-report-issues)
    - [Types of issues](#types-of-issues)
    - [Discuss your design before the implementation](#discuss-your-design-before-the-implementation)
    - [Issue locking](#issue-locking)
  - [Building Gitea](#building-gitea)
  - [Styleguide](#styleguide)
  - [Copyright](#copyright)
  - [Testing](#testing)
  - [Translation](#translation)
  - [Code review](#code-review)
    - [Pull request format](#pull-request-format)
    - [PR title and summary](#pr-title-and-summary)
    - [Breaking PRs](#breaking-prs)
      - [What is a breaking PR?](#what-is-a-breaking-pr)
      - [How to handle breaking PRs?](#how-to-handle-breaking-prs)
    - [Maintaining open PRs](#maintaining-open-prs)
    - [Reviewing PRs](#reviewing-prs)
      - [For PR authors](#for-pr-authors)
  - [Documentation](#documentation)
  - [Developer Certificate of Origin (DCO)](#developer-certificate-of-origin-dco)
 </details>
 ## Introduction
 It assumes you have followed the [installation instructions](https://docs.gitea.com/category/installation). \
 Sensitive security-related issues should be reported to [security@gitea.io](mailto:security@gitea.io).
 For configuring IDEs for Gitea development, see the [contributed IDE configurations](contrib/ide/).
 ## AI Contribution Policy
 Contributions made with the assistance of AI tools are welcome, but contributors must use them responsibly and disclose that use clearly.
 1. Review AI-generated code closely before marking a pull request ready for review.
 2. Manually test the changes and add appropriate automated tests where feasible.
 3. Only use AI to assist in contributions that you understand well enough to explain, defend, and revise yourself during review.
 4. Disclose AI-assisted content clearly.
 5. Do not use AI to reply to questions about your issue or pull request. The questions are for you, not an AI model.
 6. AI may be used to help draft issues and pull requests, but contributors remain responsible for the accuracy, completeness, and intent of what they submit.
 Maintainers reserve the right to close pull requests and issues that do not disclose AI assistance, that appear to be low-quality AI-generated content, or where the contributor cannot explain or defend the proposed changes themselves.
 We welcome new contributors, but cannot sustain the effort of supporting contributors who primarily defer to AI rather than engaging substantively with the review process.
 ## Issues
 ### How to report issues
 Please search the issues on the issue tracker with a variety of related keywords to ensure that your issue has not already been reported.
 If your issue has not been reported yet, [open an issue](https://github.com/go-gitea/gitea/issues/new)
 and answer the questions so we can understand and reproduce the problematic behavior. \
 Please write clear and concise instructions so that we can reproduce the behavior — even if it seems obvious. \
 The more detailed and specific you are, the faster we can fix the issue. \
 It is really helpful if you can reproduce your problem on a site running on the latest commits, i.e. <https://demo.gitea.com>, as perhaps your problem has already been fixed on a current version. \
 Please follow the guidelines described in [How to Report Bugs Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html) for your report.
 Please be kind—remember that Gitea comes at no cost to you, and you're getting free help.
 ### Types of issues
 Typically, issues fall in one of the following categories:
 - `bug`: Something in the frontend or backend behaves unexpectedly
 - `security issue`: bug that has serious implications such as leaking another users data. Please do not file such issues on the public tracker and send a mail to security@gitea.io instead
 - `feature`: Completely new functionality. You should describe this feature in enough detail that anyone who reads the issue can understand how it is supposed to be implemented
 - `enhancement`: An existing feature should get an upgrade
 - `refactoring`: Parts of the code base don't conform with other parts and should be changed to improve Gitea's maintainability
 ### Discuss your design before the implementation
 We welcome submissions. \
 If you want to change or add something, please let everyone know what you're working on — [file an issue](https://github.com/go-gitea/gitea/issues/new) or comment on an existing one before starting your work!
 Significant changes such as new features must go through the change proposal process before they can be accepted. \
 This is mainly to save yourself the trouble of implementing it, only to find out that your proposed implementation has some potential problems. \
 Furthermore, this process gives everyone a chance to validate the design, helps prevent duplication of effort, and ensures that the idea fits inside
 the goals for the project and tools.
 Pull requests should not be the place for architecture discussions.
 ### Issue locking
 Commenting on closed or merged issues/PRs is strongly discouraged.
 Such comments will likely be overlooked as some maintainers may not view notifications on closed issues, thinking that the item is resolved.
 As such, commenting on closed/merged issues/PRs may be disabled prior to the scheduled auto-locking if a discussion starts or if unrelated comments are posted.
 If further discussion is needed, we encourage you to open a new issue instead and we recommend linking to the issue/PR in question for context.
 ## Building Gitea
 See the [development setup instructions](https://docs.gitea.com/development/hacking-on-gitea).
 ## Styleguide
 You should always run `make fmt` before committing to conform to Gitea's styleguide.
 ## Copyright
 New code files that you contribute should use the standard copyright header:
 ```
-// Copyright <current year> The Gitea Authors. All rights reserved.
+feature/* ──PR──> dev ──draft PR──> (renamed to rc) ──merge──> main
 // SPDX-License-Identifier: MIT
 ```
-Afterwards, copyright should only be modified when the copyright author changes.
+### Step by step
-## Testing
+1. **Create a feature branch** from `dev`:
   ```bash
   git checkout dev && git pull
   git checkout -b feature/my-change
   ```
-Before submitting a pull request, run all tests to make sure your changes don't cause a regression elsewhere.
+2. **Work and commit** on your feature branch. Push to origin.
-Here's how to run the test suite:
+3. **Open a PR**: `feature/my-change` → `dev`. After review and checks, merge it.
- code lint
+4. **When ready for release**, open a **draft PR**: `dev` → `main`.
   - This automatically renames the source branch to `rc` (release candidate)
   - An RC pre-release is built and uploaded
-|                       |                                                                              |
+5. **Alpha and beta branches** are created by manually renaming the branch before the RC stage:
-| :-------------------- | :--------------------------------------------------------------------------- |
+   - Rename `dev` to `alpha` for early testing → alpha pre-release is built
-|``make lint``          | lint everything (not needed if you only change the front- **or** backend)    |
+   - Rename `alpha` to `beta` for feature-complete testing → beta pre-release is built
-|``make lint-frontend`` | lint frontend files                                                          |
+   - When the draft PR is created, the branch is renamed to `rc`
 |``make lint-backend``  | lint backend files                                                           |
- run tests (we suggest running them on Linux)
+6. **Once PR checks pass** on the `rc` branch, mark the PR as ready and merge to `main`.
-| Command                                       | Action                                               |                                             |
+7. **Merging to main** triggers the stable release pipeline:
-|:----------------------------------------------|:-----------------------------------------------------| ------------------------------------------- |
+   - Minor version bump (e.g., `02.09.xx` → `02.10.00`)
-| ``make test-backend[\#SpecificTestName]``     | run unit test(s)                                     |                                             |
+   - Stability suffix stripped (clean version)
-| ``make test-integration[\#SpecificTestName]`` | run [integration](tests/integration) test(s)         | [More details](tests/integration/README.md) |
+   - Gitea release created with ZIP/tar.gz packages
-| ``make test-e2e``                             | run [end-to-end](tests/e2e) test(s) using Playwright |                                             |
+   - `updates.xml` updated (Joomla extensions)
   - `dev` branch recreated from `main`
- E2E test environment variables
+### Branch summary
-| Variable                          | Description                                                 |
+| Branch | Purpose | Created by |
-| :-------------------------------- | :---------------------------------------------------------- |
+|--------|---------|-----------|
-| ``GITEA_TEST_E2E_DEBUG``          | When set, show Gitea server output                          |
+| `feature/*` | New features and fixes | Developer |
-| ``GITEA_TEST_E2E_FLAGS``          | Additional flags passed to Playwright, for example ``--ui`` |
+| `dev` | Integration branch | Auto-recreated after release |
-| ``GITEA_TEST_E2E_TIMEOUT_FACTOR`` | Timeout multiplier (default: 4 on CI, 1 locally)            |
+| `alpha` | Alpha pre-release testing | Manual rename from `dev` |
 | `beta` | Beta pre-release testing | Manual rename from `alpha` |
 | `rc` | Release candidate | Auto-renamed on draft PR to main |
 | `main` | Stable releases | Protected, merge only |
 | `version/XX.YY.ZZ` | Archived release snapshots | Auto-created by CI |
-## Translation
+### Protected branches
-All translation work happens on [Crowdin](https://translate.gitea.com).
+| Branch | Direct push | Merge via |
-The only translation that is maintained in this repository is [the English translation](https://github.com/go-gitea/gitea/blob/main/options/locale/locale_en-US.json).
+|--------|------------|-----------|
-It is synced regularly with Crowdin. \
+| `main` | Blocked (CI bot whitelisted) | PR merge only |
-Other locales on main branch **should not** be updated manually as they will be overwritten with each sync. \
+| `dev` | Blocked (CI bot whitelisted) | PR merge from feature/* |
-Once a language has reached a **satisfactory percentage** of translated keys (~25%), it will be synced back into this repo and included in the next released version.
+| `rc` | Blocked (CI bot whitelisted) | Auto-created on draft PR |
 | `alpha` | Blocked (CI bot whitelisted) | Manual rename |
 | `beta` | Blocked (CI bot whitelisted) | Manual rename |
 | `feature/*` | Open | N/A (source branch) |
-The tool `go run build/backport-locale.go` can be used to backport locales from the main branch to release branches that were missed.
+## Version Policy
-## Code review
+### Format
-How labels, milestones, and the merge queue work is documented in [docs/community-governance.md](docs/community-governance.md).
+All versions use `XX.YY.ZZ` — three two-digit segments, zero-padded:
-### Pull request format
+- **XX** — Major version (breaking changes)
 - **YY** — Minor version (new features, bumped on release to main)
 - **ZZ** — Patch version (auto-incremented on every push to dev/feature branches)
-Please try to make your pull request easy to review for us. \
+Rollover: patch `99` → `00` increments minor; minor `99` → `00` increments major.
 For that, please read the [*Best Practices for Faster Reviews*](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews) guide. \
 It has lots of useful tips for any project you may want to contribute to. \
 Some of the key points:
- Make small pull requests. \
+### Stability suffixes
  The smaller, the faster to review and the more likely it will be merged soon.
 - Don't make changes unrelated to your PR. \
  Maybe there are typos on some comments, maybe refactoring would be welcome on a function... \
  but if that is not related to your PR, please make *another* PR for that.
 - Split big pull requests into multiple small ones. \
  An incremental change will be faster to review than a huge PR.
 - Allow edits by maintainers. This way, the maintainers will take care of merging the PR later on instead of you.
-### PR title and summary
+Each branch appends a suffix to indicate stability:
-In the PR title, describe the problem you are fixing, not how you are fixing it. \
+| Branch | Suffix | Example |
-Use the first comment as a summary of your PR. \
+|--------|--------|---------|
-In the PR summary, you can describe exactly how you are fixing this problem.
+| `main` | (none) | `02.09.00` |
 | `dev` | `-dev` | `02.09.01-dev` |
 | `feature/*` | `-dev` | `02.09.01-dev` |
 | `alpha` | `-alpha` | `02.09.01-alpha` |
 | `beta` | `-beta` | `02.09.01-beta` |
 | `rc` | `-rc` | `02.09.01-rc` |
-PR titles must follow the [Conventional Commits](https://www.conventionalcommits.org/) format, because PRs are squash-merged and the PR title becomes the resulting commit message:
+### Auto version bump
-```text
+On every push to `dev`, `feature/*`, or `patch/*`:
 type(scope)!: subject
 ```
-The allowed types are `build`, `chore`, `ci`, `docs`, `feat`, `fix`, `perf`, `refactor`, `revert`, `style`, and `test`. The generic `chore` type is intentionally not accepted; pick a more descriptive type instead.
+1. Patch version incremented
 2. Stability suffix `-dev` applied
 3. All version-bearing files updated (manifests, CHANGELOG, PHP headers, etc.)
 4. Commit created with `[skip ci]` to avoid loops
-Examples:
+### Release version flow
-```text
+Version bumps happen at specific release events:
 fix(web): prevent avatar upload crash on empty file
 feat(api): add pagination to repo hooks list
 ci(workflows): lint PR titles with commitlint
 ```
-Keep this summary up-to-date as the PR evolves. \
+| Event | Bump | Example |
-If your PR changes the UI, you must add **after** screenshots in the PR summary. \
+|-------|------|---------|
-If you are not implementing a new feature, you should also post **before** screenshots for comparison.
+| Feature merged to dev | Patch bump after dev release | `02.09.01-dev` → release → `02.09.02-dev` |
 | Dev promoted to RC | Minor bump | `02.09.02-dev` → `02.10.00-rc` |
 | RC merged to main | Minor bump | `02.10.00-rc` → `02.11.00` (stable) |
 | Dev recreated from main | Patch bump | `02.11.00` → `02.11.01-dev` |
-If you are implementing a new feature, your PR will only be merged if your screenshots are up to date.\
+### Release stream copies
 Furthermore, feature PRs will only be merged if their summary contains a clear usage description (understandable for users) and testing description (understandable for reviewers).
 You should strive to combine both into a single description.
-Another requirement for merging PRs is that the PR is labeled correctly.\
+When a higher-stability release is published, copies are created for all lesser streams with the same base version:
 However, this is not your job as a contributor, but the job of the person merging your PR.\
 If you think that your PR was labeled incorrectly, or notice that it was merged without labels, please let us know.
-If your PR closes some issues, you must note that in a way that both GitHub and Gitea understand, i.e. by appending a paragraph like
+- **RC `02.10.00-rc`** also creates: `02.10.00-dev`, `02.10.00-alpha`, `02.10.00-beta`
 - **Stable `02.11.00`** also creates: `02.11.00-dev`, `02.11.00-alpha`, `02.11.00-beta`, `02.11.00-rc`
-```text
+This ensures Joomla sites on ANY stability channel see the update (Joomla only shows versions higher than what's installed).
 Fixes/Closes/Resolves #<ISSUE_NR_X>.
 Fixes/Closes/Resolves #<ISSUE_NR_Y>.
 ```
-to your summary. \
+### Version files
 Each issue that will be closed must stand on a separate line.
-### Breaking PRs
+The version tools update all files containing version stamps:
-#### What is a breaking PR?
+- `.mokogitea/manifest.xml` (canonical source)
 - Joomla XML manifests (`<version>` tag)
 - `README.md`, `CHANGELOG.md` (`VERSION:` pattern)
 - `package.json`, `pyproject.toml`
 - Any text file with a `VERSION: XX.YY.ZZ` label
-A PR is breaking if it meets one of the following criteria:
+Files synced from other repos (with a `# REPO:` header) are not touched.
- It changes API output in an incompatible way for existing users
+## Code Standards
 - It removes a setting that an admin could previously set (i.e. via `app.ini`)
 - An admin must do something manually to restore the old behavior
-In particular, this means that adding new settings is not breaking.\
+- **PHP**: PSR-12, tabs for indentation
-Changing the default value of a setting or replacing the setting with another one is breaking, however.
+- **Copyright**: all files must include the Moko Consulting copyright header
 - **License**: SPDX identifier `GPL-3.0-or-later` (or as specified per repo)
 - **Attribution**: use `Authored-by: Moko Consulting` in commits, not individual names
-#### How to handle breaking PRs?
+## Commit Messages
-If your PR has a breaking change, you must add two things to the summary of your PR:
+Use conventional commit format:
 1. A reasoning why this breaking change is necessary
 2. A `BREAKING` section explaining in simple terms (understandable for a typical user) how this PR affects users and how to mitigate these changes. This section can look for example like
 ```md
 ## :warning: BREAKING :warning:
 ```
 Breaking PRs will not be merged as long as not both of these requirements are met.
 ### Maintaining open PRs
 Code review starts when you open a non-draft PR or move a draft out of draft state. After that, do not rebase or squash your branch; it makes new changes harder to review.
 Merge the base branch into yours only when you need to, for example because of conflicting changes elsewhere. That limits unnecessary CI runs.
 Every PR is squash-merged, so merge commits on your branch do not matter for final history. The squash produces a single commit; mergers follow the [commit message format](docs/community-governance.md#commit-messages) in the governance guide.
 ### Reviewing PRs
 Maintainers are encouraged to review pull requests in areas where they have expertise or particular interest.
 #### For PR authors
 - **Response**: When answering reviewer questions, use real-world cases or examples and avoid speculation.
 - **Discussion**: A discussion is always welcome and should be used to clarify the changes and the intent of the PR.
 - **Help**: If you need help with the PR or comments are unclear, ask for clarification.
 Guidance for reviewers, the merge queue, and the squash commit message format is in [docs/community-governance.md](docs/community-governance.md).
 ## Documentation
 If you add a new feature or change an existing aspect of Gitea, the documentation for that feature must be created or updated in another PR at [https://gitea.com/gitea/docs](https://gitea.com/gitea/docs).
 **The docs directory on main repository will be removed at some time. We will have a yaml file to store configuration file's meta data. After that completed, configuration documentation should be in the main repository.**
 ## Developer Certificate of Origin (DCO)
 We consider the act of contributing to the code by submitting a Pull Request as the "Sign off" or agreement to the certifications and terms of the [DCO](DCO) and [MIT license](LICENSE). \
 No further action is required. \
 You can also decide to sign off your commits by adding the following line at the end of your commit messages:
 ```
-Signed-off-by: Joe Smith <joe.smith@email.com>
+type(scope): short description
 Optional body with context.
 Authored-by: Moko Consulting
 ```
-If you set the `user.name` and `user.email` Git config options, you can add the line to the end of your commits automatically with `git commit -s`.
+Types: `feat`, `fix`, `chore`, `docs`, `style`, `refactor`, `test`, `ci`
-We assume in good faith that the information you provide is legally binding.
+Special flags in commit messages:
 - `[skip ci]` — skip all CI workflows
 - `[skip bump]` — skip auto version bump only
 ## Reporting Issues
 Use the repository's issue tracker with the appropriate template.
 ---
 *Moko Consulting <hello@mokoconsulting.tech>*
@@ -21,7 +21,7 @@ RUN apk --no-cache add \
    build-base \
    git
-WORKDIR ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/git.mokoconsulting.tech/MokoConsulting/MokoGitea
 COPY go.mod go.sum ./
 RUN go mod download
 # Use COPY instead of bind mount as read-only one breaks makefile state tracking
@@ -43,7 +43,7 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
              /tmp/local/etc/s6/gitea/* \
              /tmp/local/etc/s6/openssh/* \
              /tmp/local/etc/s6/.s6-svscan/* \
-              /go/src/code.gitea.io/gitea/gitea
+              /go/src/git.mokoconsulting.tech/MokoConsulting/MokoGitea/gitea
 FROM docker.io/library/alpine:3.23 AS gitea
@@ -75,7 +75,7 @@ RUN addgroup \
  echo "git:*" | chpasswd -e
 COPY --from=build-env /tmp/local /
-COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
+COPY --from=build-env /go/src/git.mokoconsulting.tech/MokoConsulting/MokoGitea/gitea /app/gitea/gitea
 ENV USER=git
 ENV GITEA_CUSTOM=/data/gitea
@@ -0,0 +1,35 @@
 {
 	"folders":
 	[
 		{
 			"name":"MokoGitea",
 			"path": ".",
 			"folder_exclude_patterns":
 				[
 					".git",
 					".claude/worktree"
 			],
 				"file_exclude_patterns":
 				[
 					"*.sublime-workspace"
 			],
 		},
 		{
 			"name":"Workspace",
 			"path": "E:\Documents\Workspace",
 			"folder_exclude_patterns":
 				[
 					".git",
 					".claude/worktree"
 			],
 				"file_exclude_patterns":
 				[
 					"*.sublime-workspace"
 			],
 		},
 		{
 			"name":"Scripts",
 			"path": "J:\Shared drives\Knowledgebase\Scripts",
 		},
 	],
 }
@@ -9,7 +9,7 @@ import (
 	"fmt"
 	"os"
-	"code.gitea.io/gitea/modules/assetfs"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/assetfs"
 )
 func main() {
@@ -20,7 +20,7 @@ import (
 	"strings"
 	"unicode/utf8"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
 )
 const (
@@ -15,7 +15,7 @@ import (
 	"path/filepath"
 	"strings"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 )
 func main() {
@@ -30,7 +30,7 @@ var primaryLicenseRe = regexp.MustCompile(`^(?i)(LICEN[SC]E|COPYING)$`)
 // ignoredNames are LicenseEntry.Name values to exclude from the output.
 var ignoredNames = map[string]bool{
 	"code.gitea.io/gitea":                 true,
-	"code.gitea.io/gitea/options/license": true,
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/options/license": true,
 }
 var excludedExt = map[string]bool{
@@ -25,7 +25,7 @@ import (
 	"sort"
 	"strings"
-	"code.gitea.io/gitea/build/openapi3gen"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/build/openapi3gen"
 	"github.com/getkin/kin-openapi/openapi3"
 )
@@ -34,16 +34,19 @@ const (
 	swaggerSpecPath = "templates/swagger/v1_json.tmpl"
 	openapi3OutPath = "templates/swagger/v1_openapi3_json.tmpl"
-	appSubUrlVar = "{{.SwaggerAppSubUrl}}"
+	appSubUrlVar  = "{{.SwaggerAppSubUrl}}"
-	appVerVar    = "{{.SwaggerAppVer}}"
+	appVerVar     = "{{.SwaggerAppVer}}"
 	appNameVar    = "{{.SwaggerAppName}}"
-	appSubUrlPlaceholder = "GITEA_APP_SUB_URL_PLACEHOLDER"
+	appSubUrlPlaceholder  = "GITEA_APP_SUB_URL_PLACEHOLDER"
-	appVerPlaceholder    = "0.0.0-gitea-placeholder"
+	appVerPlaceholder     = "0.0.0-gitea-placeholder"
 	appNamePlaceholder    = "GiteaAppNamePlaceholder"
 )
 var (
 	appSubUrlRe = regexp.MustCompile(regexp.QuoteMeta(appSubUrlVar))
 	appVerRe    = regexp.MustCompile(regexp.QuoteMeta(appVerVar))
 	appNameRe   = regexp.MustCompile(regexp.QuoteMeta(appNameVar))
 	enumScanDirs = []string{
 		"modules/structs",
@@ -70,6 +73,7 @@ func main() {
 	cleaned := appSubUrlRe.ReplaceAll(data, []byte(appSubUrlPlaceholder))
 	cleaned = appVerRe.ReplaceAll(cleaned, []byte(appVerPlaceholder))
 	cleaned = appNameRe.ReplaceAll(cleaned, []byte(appNamePlaceholder))
 	oas3, err := openapi3gen.Convert(cleaned, astEnumMap)
 	if err != nil {
@@ -87,6 +91,7 @@ func main() {
 	result := strings.ReplaceAll(string(out), appSubUrlPlaceholder, appSubUrlVar)
 	result = strings.ReplaceAll(result, appVerPlaceholder, appVerVar)
 	result = strings.ReplaceAll(result, appNamePlaceholder, appNameVar)
 	result = strings.TrimSpace(result)
 	if err := os.WriteFile(openapi3OutPath, []byte(result), 0o644); err != nil {
@@ -8,7 +8,7 @@ import (
 	"regexp"
 	"strings"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
 	"github.com/getkin/kin-openapi/openapi2"
 	"github.com/getkin/kin-openapi/openapi2conv"
@@ -7,8 +7,8 @@ import (
 	"context"
 	"fmt"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -8,12 +8,12 @@ import (
 	"context"
 	"fmt"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/modules/git"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/gitrepo"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	repo_module "code.gitea.io/gitea/modules/repository"
+	repo_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
 	"github.com/urfave/cli/v3"
 )
@@ -10,9 +10,9 @@ import (
 	"os"
 	"text/tabwriter"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	auth_service "code.gitea.io/gitea/services/auth"
+	auth_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth"
 	"github.com/urfave/cli/v3"
 )
@@ -8,9 +8,9 @@ import (
 	"fmt"
 	"strings"
-	"code.gitea.io/gitea/models/auth"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	"code.gitea.io/gitea/services/auth/source/ldap"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/ldap"
 	"github.com/urfave/cli/v3"
 )
@@ -7,9 +7,9 @@ import (
 	"context"
 	"testing"
-	"code.gitea.io/gitea/models/auth"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/modules/test"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/test"
-	"code.gitea.io/gitea/services/auth/source/ldap"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/ldap"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -9,9 +9,9 @@ import (
 	"fmt"
 	"net/url"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	"code.gitea.io/gitea/services/auth/source/oauth2"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
 	"github.com/urfave/cli/v3"
 )
@@ -7,8 +7,8 @@ import (
 	"context"
 	"testing"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/services/auth/source/oauth2"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -8,9 +8,9 @@ import (
 	"errors"
 	"strings"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	"code.gitea.io/gitea/services/auth/source/smtp"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/smtp"
 	"github.com/urfave/cli/v3"
 )
@@ -7,8 +7,8 @@ import (
 	"context"
 	"testing"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/services/auth/source/smtp"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/smtp"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -6,9 +6,9 @@ package cmd
 import (
 	"context"
-	"code.gitea.io/gitea/modules/graceful"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
-	asymkey_service "code.gitea.io/gitea/services/asymkey"
+	asymkey_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/asymkey"
-	repo_service "code.gitea.io/gitea/services/repository"
+	repo_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/repository"
 	"github.com/urfave/cli/v3"
 )
@@ -8,11 +8,11 @@ import (
 	"errors"
 	"fmt"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/auth/password"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/auth/password"
-	"code.gitea.io/gitea/modules/optional"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	user_service "code.gitea.io/gitea/services/user"
+	user_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/user"
 	"github.com/urfave/cli/v3"
 )
@@ -7,9 +7,9 @@ import (
 	"io"
 	"testing"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -9,12 +9,12 @@ import (
 	"fmt"
 	"strings"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	pwd "code.gitea.io/gitea/modules/auth/password"
+	pwd "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/auth/password"
-	"code.gitea.io/gitea/modules/optional"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -8,10 +8,10 @@ import (
 	"strings"
 	"testing"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -9,10 +9,10 @@ import (
 	"fmt"
 	"strings"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/storage"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
-	user_service "code.gitea.io/gitea/services/user"
+	user_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/user"
 	"github.com/urfave/cli/v3"
 )
@@ -8,10 +8,10 @@ import (
 	"strings"
 	"testing"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/stretchr/testify/require"
 )
@@ -8,8 +8,8 @@ import (
 	"errors"
 	"fmt"
-	auth_model "code.gitea.io/gitea/models/auth"
+	auth_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/urfave/cli/v3"
 )
@@ -9,7 +9,7 @@ import (
 	"os"
 	"text/tabwriter"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/urfave/cli/v3"
 )
@@ -8,8 +8,8 @@ import (
 	"errors"
 	"fmt"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -6,9 +6,9 @@ package cmd
 import (
 	"testing"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -15,11 +15,11 @@ import (
 	"strings"
 	"testing"
-	"code.gitea.io/gitea/cmd"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/cmd"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/test"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/test"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -9,7 +9,7 @@ import (
 	"fmt"
 	"os"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -12,13 +12,13 @@ import (
 	"strings"
 	"text/tabwriter"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/models/migrations"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/migrations"
-	migrate_base "code.gitea.io/gitea/models/migrations/base"
+	migrate_base "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/migrations/base"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/services/doctor"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/doctor"
 	"github.com/urfave/cli/v3"
 	"xorm.io/xorm"
@@ -7,9 +7,9 @@ import (
 	"context"
 	"fmt"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -7,8 +7,8 @@ import (
 	"context"
 	"testing"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/services/doctor"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/doctor"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -11,13 +11,13 @@ import (
 	"path/filepath"
 	"strings"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/modules/dump"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/dump"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/storage"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"gitea.com/go-chi/session"
 	"github.com/urfave/cli/v3"
@@ -10,14 +10,14 @@ import (
 	"os"
 	"strings"
-	"code.gitea.io/gitea/modules/git"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	base "code.gitea.io/gitea/modules/migration"
+	base "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/migration"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/structs"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	"code.gitea.io/gitea/services/convert"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/convert"
-	"code.gitea.io/gitea/services/migrations"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/migrations"
 	"github.com/urfave/cli/v3"
 )
@@ -11,14 +11,14 @@ import (
 	"path/filepath"
 	"strings"
-	"code.gitea.io/gitea/modules/assetfs"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/assetfs"
-	"code.gitea.io/gitea/modules/glob"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/glob"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/options"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/options"
-	"code.gitea.io/gitea/modules/public"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/public"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/templates"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/templates"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"github.com/urfave/cli/v3"
 )
@@ -9,7 +9,7 @@ import (
 	"fmt"
 	"os"
-	"code.gitea.io/gitea/modules/generate"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/generate"
 	"github.com/mattn/go-isatty"
 	"github.com/urfave/cli/v3"
@@ -15,9 +15,9 @@ import (
 	"strings"
 	"syscall"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -14,12 +14,12 @@ import (
 	"strings"
 	"time"
-	"code.gitea.io/gitea/modules/git"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
-	"code.gitea.io/gitea/modules/git/gitcmd"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/gitcmd"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
-	repo_module "code.gitea.io/gitea/modules/repository"
+	repo_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -9,8 +9,8 @@ import (
 	"fmt"
 	"strings"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
 	"github.com/urfave/cli/v3"
 )
@@ -7,8 +7,8 @@ import (
 	"context"
 	"fmt"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -10,8 +10,8 @@ import (
 	"os"
 	"strings"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -7,7 +7,7 @@ import (
 	"context"
 	"testing"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli/v3"
@@ -8,7 +8,7 @@ import (
 	"os"
 	"time"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
 	"github.com/urfave/cli/v3"
 )
@@ -9,8 +9,8 @@ import (
 	"fmt"
 	"os"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
 	"github.com/urfave/cli/v3"
 )
@@ -6,10 +6,10 @@ package cmd
 import (
 	"context"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/services/versioned_migration"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/versioned_migration"
 	"github.com/urfave/cli/v3"
 )
@@ -10,17 +10,17 @@ import (
 	"io/fs"
 	"strings"
-	actions_model "code.gitea.io/gitea/models/actions"
+	actions_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/actions"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	git_model "code.gitea.io/gitea/models/git"
+	git_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/git"
-	packages_model "code.gitea.io/gitea/models/packages"
+	packages_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/packages"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	packages_module "code.gitea.io/gitea/modules/packages"
+	packages_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/packages"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/storage"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
-	"code.gitea.io/gitea/services/versioned_migration"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/versioned_migration"
 	"github.com/urfave/cli/v3"
 )
@@ -8,13 +8,13 @@ import (
 	"strings"
 	"testing"
-	"code.gitea.io/gitea/models/packages"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/packages"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	packages_module "code.gitea.io/gitea/modules/packages"
+	packages_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/packages"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/storage"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/storage"
-	packages_service "code.gitea.io/gitea/services/packages"
+	packages_service "git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/packages"
 	"github.com/stretchr/testify/assert"
 )
@@ -7,8 +7,8 @@ import (
 	"context"
 	"strings"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/urfave/cli/v3"
 )
@@ -15,21 +15,21 @@ import (
 	"strings"
 	"unicode"
-	asymkey_model "code.gitea.io/gitea/models/asymkey"
+	asymkey_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/asymkey"
-	git_model "code.gitea.io/gitea/models/git"
+	git_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/git"
-	"code.gitea.io/gitea/models/perm"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/perm"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/modules/git"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
-	"code.gitea.io/gitea/modules/git/gitcmd"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git/gitcmd"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
-	"code.gitea.io/gitea/modules/lfstransfer"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/lfstransfer"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/pprof"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/pprof"
-	"code.gitea.io/gitea/modules/private"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/private"
-	"code.gitea.io/gitea/modules/process"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
-	repo_module "code.gitea.io/gitea/modules/repository"
+	repo_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/repository"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/services/lfs"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/services/lfs"
 	"github.com/kballard/go-shellquote"
 	"github.com/urfave/cli/v3"
@@ -15,17 +15,17 @@ import (
 	"strings"
 	"time"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
-	"code.gitea.io/gitea/modules/graceful"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
-	"code.gitea.io/gitea/modules/gtprof"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/gtprof"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/process"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
-	"code.gitea.io/gitea/modules/public"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/public"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/templates"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/templates"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	"code.gitea.io/gitea/routers"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/routers"
-	"code.gitea.io/gitea/routers/install"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/routers/install"
 	"github.com/felixge/fgprof"
 	"github.com/urfave/cli/v3"
@@ -13,11 +13,11 @@ import (
 	"strconv"
 	"strings"
-	"code.gitea.io/gitea/modules/graceful"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/process"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/process"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"github.com/caddyserver/certmagic"
 )
@@ -9,9 +9,9 @@ import (
 	"net/http/fcgi"
 	"strings"
-	"code.gitea.io/gitea/modules/graceful"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 )
 func runHTTP(network, listenAddr, name string, m http.Handler, useProxyProtocol bool) error {
@@ -9,9 +9,9 @@ import (
 	"os"
 	"strings"
-	"code.gitea.io/gitea/modules/graceful"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/graceful"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"github.com/klauspost/cpuid/v2"
 )
@@ -1,198 +0,0 @@
 # Community governance and review process
 This document describes maintainer expectations, project governance, and the detailed pull request review workflow (labels, merge queue, commit message format for mergers). For what contributors should do when opening and updating a PR, see [CONTRIBUTING.md](../CONTRIBUTING.md).
 ## Code review
 ### Milestone
 A PR should only be assigned to a milestone if it will likely be merged into the given version. \
 PRs without a milestone may not be merged.
 ### Labels
 Almost all labels used inside Gitea can be classified as one of the following:
 - `modifies/…`: Determines which parts of the codebase are affected. These labels will be set through the CI.
 - `topic/…`:  Determines the conceptual component of Gitea that is affected, i.e. issues, projects, or authentication. At best, PRs should only target one component but there might be overlap. Must be set manually.
 - `type/…`: Determines the type of an issue or PR (feature, refactoring, docs, bug, …). If GitHub supported scoped labels, these labels would be exclusive, so you should set **exactly** one, not more or less (every PR should fall into one of the provided categories, and only one).
 - `issue/…` / `lgtm/…`: Labels that are specific to issues or PRs respectively and that are only necessary in a given context, i.e. `issue/not-a-bug` or `lgtm/need 2`
 Every PR should be labeled correctly with every label that applies.
 There are also some labels that will be managed automatically.\
 In particular, these are
 - the amount of pending required approvals
 - has all `backport`s or needs a manual backport
 ### Reviewing PRs
 Maintainers are encouraged to review pull requests in areas where they have expertise or particular interest.
 #### For reviewers
 - **Verification**: Verify that the PR accurately reflects the changes, and verify that the tests and documentation are complete and aligned with the implementation.
 - **Actionable feedback**: Say what should change and why, and distinguish required changes from optional suggestions.
 - **Feedback**: Focus feedback on the issue itself and avoid comments about the contributor's abilities.
 - **Request changes**: If you request changes (i.e., block a PR), give a clear rationale and, whenever possible, a concrete path to resolution.
 - **Approval**: Only approve a PR when you are fully satisfied with its current state - "rubber-stamp" approvals need to be highlighted as such.
 ### Getting PRs merged
 Changes to Gitea must be reviewed before they are accepted, including changes from owners and maintainers. The exception is critical bugs that prevent Gitea from compiling or starting.
 We require two maintainer approvals for every PR. When that is satisfied, your PR gets the `lgtm/done` label. After that, you mainly fix merge conflicts and respond to or implement maintainer requests; maintainers drive getting the PR merged.
 If a PR has `lgtm/done`, no open discussions, and no merge conflicts, any maintainer may add `reviewed/wait-merge`. That puts the PR in the merge queue. PRs are merged from the queue in the order of this list:
 <https://github.com/go-gitea/gitea/pulls?q=is%3Apr+label%3Areviewed%2Fwait-merge+sort%3Acreated-asc+is%3Aopen>
 Gitea uses its own tool, <https://github.com/GiteaBot/gitea-backporter>, to automate parts of the review process. The backporter:
 - Creates a backport PR when needed after the initial PR merges.
 - Removes the PR from the merge queue after it merges.
 - Keeps the oldest branch in the merge queue up to date with merges.
 ### Final call
 If a PR has been ignored for more than 7 days with no comments or reviews, and the author or any maintainer believes it will not survive a long wait (such as a refactoring PR), they can send "final call" to the TOC by mentioning them in a comment.
 After another 7 days, if there is still zero approval, this is considered a polite refusal, and the PR will be closed to avoid wasting further time. Therefore, the "final call" has a cost, and should be used cautiously.
 However, if there are no objections from maintainers, the PR can be merged with only one approval from the TOC (not the author).
 ### Commit messages
 Mergers are required to rewrite the PR title and the first comment (the summary) when necessary so the squash commit message is clear.
 The final commit message should not hedge: replace phrases like `hopefully, <x> won't happen anymore` with definite wording.
 #### PR Co-authors
 A person counts as a PR co-author once they (co-)authored a commit that is not simply a `Merge base branch into branch` commit. Mergers must remove such false-positive co-authors when writing the squash message. Every true co-author must remain in the commit message.
 #### PRs targeting `main`
 The commit message of PRs targeting `main` is always
 ```bash
 $PR_TITLE ($PR_INDEX)
 $REWRITTEN_PR_SUMMARY
 ```
 #### Backport PRs
 The commit message of backport PRs is always
 ```bash
 $PR_TITLE ($INITIAL_PR_INDEX) ($BACKPORT_PR_INDEX)
 $REWRITTEN_PR_SUMMARY
 ```
 ## Maintainers
 We list [maintainers](../MAINTAINERS) so every PR gets proper review.
 #### Review expectations
 Every PR **must** be reviewed by at least two maintainers (or owners) before merge. **Exception:** after one week, refactoring PRs and documentation-only PRs need only one maintainer approval.
 Maintainers are expected to spend time on code reviews.
 #### Becoming a maintainer
 A maintainer should already be a Gitea contributor with at least four merged PRs. To apply, use the [Discord](https://discord.gg/Gitea) `#develop` channel. Maintainer teams may also invite contributors.
 #### Stepping down, advisors, and inactivity
 If you cannot keep reviewing, apply to leave the maintainers team. You can join the [advisors team](https://github.com/orgs/go-gitea/teams/advisors); advisors who want to review again are welcome back as maintainers.
 If a maintainer is inactive for more than three months and has not left the team, owners may move them to the advisors team.
 #### Account security
 For security, maintainers should enable 2FA and sign commits with GPG when possible:
 - [Two-factor authentication](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)
 - [Signing commits with GPG](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
 Any account with write access (including bots and TOC members) **must** use [2FA](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication).
 ## Technical Oversight Committee (TOC)
 At the start of 2023, the `Owners` team was dissolved. Instead, the governance charter proposed a technical oversight committee (TOC) which expands the ownership team of the Gitea project from three elected positions to six positions. Three positions are elected as it has been over the past years, and the other three consist of appointed members from the Gitea company.
 https://blog.gitea.com/quarterly-23q1/
 ### TOC election process
 Any maintainer is eligible to be part of the community TOC if they are not associated with the Gitea company.
 A maintainer can either nominate themselves, or can be nominated by other maintainers to be a candidate for the TOC election.
 If you are nominated by someone else, you must first accept your nomination before the vote starts to be a candidate.
 The TOC is elected for one year, the TOC election happens yearly.
 After the announcement of the results of the TOC election, elected members have two weeks time to confirm or refuse the seat.
 If an elected member does not answer within this timeframe, they are automatically assumed to refuse the seat.
 Refusals result in the person with the next highest vote getting the same choice.
 As long as seats are empty in the TOC, members of the previous TOC can fill them until an elected member accepts the seat.
 If an elected member that accepts the seat does not have 2FA configured yet, they will be temporarily counted as `answer pending` until they manage to configure 2FA, thus leaving their seat empty for this duration.
 ### Current TOC members
 - 2024-01-01 ~ 2024-12-31
  - Company
    - [Jason Song](https://gitea.com/wolfogre) <i@wolfogre.com>
    - [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
    - [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.com>
  - Community
    - [6543](https://gitea.com/6543) <6543@obermui.de>
    - [delvh](https://gitea.com/delvh) <dev.lh@web.de>
    - [John Olheiser](https://gitea.com/jolheiser) <john.olheiser@gmail.com>
 ### Previous TOC/owners members
 Here's the history of the owners and the time they served:
 - [Lunny Xiao](https://gitea.com/lunny) - 2016, 2017, [2018](https://github.com/go-gitea/gitea/issues/3255), [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872), 2023
 - [Kim Carlbäcker](https://github.com/bkcsoft) - 2016, 2017
 - [Thomas Boerger](https://gitea.com/tboerger) - 2016, 2017
 - [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) - [2018](https://github.com/go-gitea/gitea/issues/3255), [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801)
 - [Matti Ranta](https://gitea.com/techknowlogick) - [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872), 2023
 - [Andrew Thornton](https://gitea.com/zeripath) - [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872), 2023
 - [6543](https://gitea.com/6543) - 2023
 - [John Olheiser](https://gitea.com/jolheiser) - 2023
 - [Jason Song](https://gitea.com/wolfogre) - 2023
 ## Governance Compensation
 Each member of the community elected TOC will be granted $500 each month as compensation for their work.
 Furthermore, any community release manager for a specific release or LTS will be compensated $500 for the delivery of said release.
 These funds will come from community sources like the OpenCollective rather than directly from the company.
 Only non-company members are eligible for this compensation, and if a member of the community TOC takes the responsibility of release manager, they would only be compensated for their TOC duties.
 Gitea Ltd employees are not eligible to receive any funds from the OpenCollective unless it is reimbursement for a purchase made for the Gitea project itself.
 ## TOC & Working groups
 With Gitea covering many projects outside of the main repository, several groups will be created to help focus on specific areas instead of requiring maintainers to be a jack-of-all-trades. Maintainers are of course more than welcome to be part of multiple groups should they wish to contribute in multiple places.
 The currently proposed groups are:
 - **Core Group**: maintain the primary Gitea repository
 - **Integration Group**: maintain the Gitea ecosystem's related tools, including go-sdk/tea/changelog/bots etc.
 - **Documentation Group**: maintain related documents and repositories
 - **Translation Group**: coordinate with translators and maintain translations
 - **Security Group**: managed by TOC directly, members are decided by TOC, maintains security patches/responsible for security items
 ## Roadmap
 Each year a roadmap will be discussed with the entire Gitea maintainers team, and feedback will be solicited from various stakeholders.
 TOC members need to review the roadmap every year and work together on the direction of the project.
 When a vote is required for a proposal or other change, the vote of community elected TOC members count slightly more than the vote of company elected TOC members. With this approach, we both avoid ties and ensure that changes align with the mission statement and community opinion.
 You can visit our roadmap on the wiki.
@@ -1,58 +0,0 @@
 # Backend development
 This document covers backend-specific contribution expectations. For general contribution workflow, see [CONTRIBUTING.md](../CONTRIBUTING.md).
 For coding style and architecture, see also the [backend development guideline](https://docs.gitea.com/contributing/guidelines-backend) on the documentation site.
 ## Dependencies
 Go dependencies are managed using [Go Modules](https://go.dev/cmd/go/#hdr-Module_maintenance). \
 You can find more details in the [go mod documentation](https://go.dev/ref/mod) and the [Go Modules Wiki](https://github.com/golang/go/wiki/Modules).
 Pull requests should only modify `go.mod` and `go.sum` where it is related to your change, be it a bugfix or a new feature. \
 Apart from that, these files should only be modified by Pull Requests whose only purpose is to update dependencies.
 The `go.mod`, `go.sum` update needs to be justified as part of the PR description,
 and must be verified by the reviewers and/or merger to always reference
 an existing upstream commit.
 ## API v1
 The API is documented by [swagger](https://gitea.com/api/swagger) and is based on [the GitHub API](https://docs.github.com/en/rest).
 ### GitHub API compatibility
 Gitea's API should use the same endpoints and fields as the GitHub API as far as possible, unless there are good reasons to deviate. \
 If Gitea provides functionality that GitHub does not, a new endpoint can be created. \
 If information is provided by Gitea that is not provided by the GitHub API, a new field can be used that doesn't collide with any GitHub fields. \
 Updating an existing API should not remove existing fields unless there is a really good reason to do so. \
 The same applies to status responses. If you notice a problem, feel free to leave a comment in the code for future refactoring to API v2 (which is currently not planned).
 ### Adding/Maintaining API routes
 All expected results (errors, success, fail messages) must be documented ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L319-L327)). \
 All JSON input types must be defined as a struct in [modules/structs/](modules/structs/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L76-L91)) \
 and referenced in [routers/api/v1/swagger/options.go](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/options.go). \
 They can then be used like [this example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L318). \
 All JSON responses must be defined as a struct in [modules/structs/](modules/structs/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L36-L68)) \
 and referenced in its category in [routers/api/v1/swagger/](routers/api/v1/swagger/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/issue.go#L11-L16)) \
 They can be used like [this example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L277-L279).
 ### When to use what HTTP method
 In general, HTTP methods are chosen as follows:
 - **GET** endpoints return the requested object(s) and status **OK (200)**
 - **DELETE** endpoints return the status **No Content (204)** and no content either
 - **POST** endpoints are used to **create** new objects (e.g. a User) and return the status **Created (201)** and the created object
 - **PUT** endpoints are used to **add/assign** existing Objects (e.g. a user to a team) and return the status **No Content (204)** and no content either
 - **PATCH** endpoints are used to **edit/change** an existing object and return the changed object and the status **OK (200)**
 ### Requirements for API routes
 All parameters of endpoints changing/editing an object must be optional (except the ones to identify the object, which are required).
 Endpoints returning lists must
 - support pagination (`page` & `limit` options in query)
 - set `X-Total-Count` header via **SetTotalCountHeader** ([example](https://github.com/go-gitea/gitea/blob/7aae98cc5d4113f1e9918b7ee7dd09f67c189e3e/routers/api/v1/repo/issue.go#L444))
@@ -1,17 +0,0 @@
 # Frontend development
 This document covers frontend-specific contribution expectations. For general contribution workflow, see [CONTRIBUTING.md](../CONTRIBUTING.md).
 ## Dependencies
 For the frontend, we use [npm](https://www.npmjs.com/).
 The same restrictions apply for frontend dependencies as for [backend dependencies](guideline-backend.md#dependencies), with the exceptions that the files for it are `package.json` and `package-lock.json`, and that new versions must always reference an existing version.
 ## Design guideline
 Depending on your change, please read the
 - [backend development guideline](https://docs.gitea.com/contributing/guidelines-backend)
 - [frontend development guideline](https://docs.gitea.com/contributing/guidelines-frontend)
 - [refactoring guideline](https://docs.gitea.com/contributing/guidelines-refactoring)
@@ -1,115 +0,0 @@
 # Release management
 This document describes the release cycle, backports, versioning, and the release manager checklist. For everyday contribution workflow, see [CONTRIBUTING.md](../CONTRIBUTING.md).
 ## Backports and Frontports
 ### What is backported?
 We backport PRs given the following circumstances:
 1. Feature freeze is active, but `<version>-rc0` has not been released yet. Here, we backport as much as possible. <!-- TODO: Is that our definition with the new backport bot? -->
 2. `rc0` has been released. Here, we only backport bug- and security-fixes, and small enhancements. Large PRs such as refactors are not backported anymore. <!-- TODO: Is that our definition with the new backport bot? -->
 3. We never backport new features.
 4. We never backport breaking changes except when
    1. The breaking change has no effect on the vast majority of users
    2. The component triggering the breaking change is marked as experimental
 ### How to backport?
 In the past, it was necessary to manually backport your PRs. \
 Now, that's not a requirement anymore as our [backport bot](https://github.com/GiteaBot) tries to create backports automatically once the PR is merged when the PR
 - does not have the label `backport/manual`
 - has the label `backport/<version>`
 The `backport/manual` label signifies either that you want to backport the change yourself, or that there were conflicts when backporting, thus you **must** do it yourself.
 ### Format of backport PRs
 The title of backport PRs should be
 ```
 <original PR title> (#<original pr number>)
 ```
 The first two lines of the summary of the backporting PR should be
 ```
 Backport #<original pr number>
 ```
 with the rest of the summary and labels matching the original PR.
 ### Frontports
 Frontports behave exactly as described above for backports.
 ## Release Cycle
 We use a release schedule so work, stabilization, and releases stay predictable.
 ### Cadence
 - Aim for a major release about every three or four months.
 - Roughly two or three months of general development, then about one month of testing and polish called the **release freeze**.
 - *Starting with v1.26 the release cycle will be more predictable and follow a more regular schedule.*
 ### Release schedule
 We will try to publish a new major version every three months:
 - v1.26.0 in April 2026
 - v1.27.0 in June 2026
 - v1.28.0 in September 2026
 - v1.29.0 in December 2026
 #### How is the release handled?
 - The release manager will tag the release candidate (e.g. `v1.26.0-rc0`) and publish it for testing in the **first week of the release month**.
 - If there are no major issues, the release manager will check with the other maintainers and then tag the final release (e.g. `v1.26.0`) in the **one or two weeks following the release candidate**.
 ### Feature freeze
 - Merge feature PRs before the freeze when you can.
 - Feature PRs still open at the freeze move to the next milestone. Watch Discord for the freeze announcement.
 - During the freeze, a **release branch** takes fixes backported from `main`. Release candidates ship for testing; the final release for that line is maintained from that branch.
 ### Patch releases
 During a cycle we may ship patch releases for an older line. For example, if the latest release is v1.2, we can still publish v1.1.1 after v1.1.0.
 ### End of life (EOL)
 We support per standard the last major release. For example, if the latest release is v1.26, we support v1.26 and v1.25, but not v1.24 anymore. We will only publish security fixes for the last major release, so if you are using an older release, please upgrade to a supported release as soon as possible.
 Also we always try to support the latest on main branch, so if you are using the latest on main, you should be fine.
 ## Versions
 Gitea has the `main` branch as a tip branch and has version branches
 such as `release/v1.19`. `release/v1.19` is a release branch and we will
 tag `v1.19.0` for binary download. If `v1.19.0` has bugs, we will accept
 pull requests on the `release/v1.19` branch and publish a `v1.19.1` tag,
 after bringing the bug fix also to the main branch.
 Since the `main` branch is a tip version, if you wish to use Gitea
 in production, please download the latest release tag version. All the
 branches will be protected via GitHub, all the PRs to every branch must
 be reviewed by two maintainers and must pass the automatic tests.
 ## Releasing Gitea
 - Let MAJOR, MINOR and PATCH be Major, Minor and Patch version numbers, PATCH should be rc1, rc2, 0, 1, ...... MAJOR.MINOR will be kept the same as milestones on github or gitea in future.
 - Before releasing, confirm all the version's milestone issues or PRs has been resolved. Then discuss the release on Discord channel #maintainers and get agreed with almost all the owners and mergers. Or you can declare the version and if nobody is against it in about several hours.
 - If this is a big version first you have to create PR for changelog on branch `main` with PRs with label `changelog` and after it has been merged do following steps:
  - Create `-dev` tag as `git tag -s -F release.notes vMAJOR.MINOR.0-dev` and push the tag as `git push origin vMAJOR.MINOR.0-dev`.
  - When CI has finished building tag then you have to create a new branch named `release/vMAJOR.MINOR`
 - If it is bugfix version create PR for changelog on branch `release/vMAJOR.MINOR` and wait till it is reviewed and merged.
 - Add a tag as `git tag -s -F release.notes vMAJOR.MINOR.PATCH`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`.
 - And then push the tag as `git push origin vMAJOR.MINOR.$`. CI will automatically create a release and upload all the compiled binary. (But currently it doesn't add the release notes automatically. Maybe we should fix that.)
 - If needed send a frontport PR for the changelog to branch `main` and update the version in `docs/config.yaml` to refer to the new version.
 - Send PR to [blog repository](https://gitea.com/gitea/blog) announcing the release.
 - Verify all release assets were correctly published through CI on dl.gitea.com and GitHub releases. Once ACKed:
  - bump the version of https://dl.gitea.com/gitea/version.json
  - merge the blog post PR
  - announce the release in discord `#announcements`
@@ -1,6 +1,6 @@
-module code.gitea.io/gitea
+module git.mokoconsulting.tech/MokoConsulting/MokoGitea
-go 1.26.2
+go 1.26.3
 // rfc5280 said: "The serial number is an integer assigned by the CA to each certificate."
 // But some CAs use negative serial number, just relax the check. related:
@@ -9,6 +9,7 @@ godebug x509negativeserial=1
 require (
 	code.gitea.io/actions-proto-go v0.4.1
 	code.gitea.io/gitea v1.26.2
 	code.gitea.io/sdk/gitea v0.24.1
 	codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570
 	connectrpc.com/connect v1.19.1
@@ -46,13 +47,14 @@ require (
 	github.com/ethantkoenig/rupture v1.0.1
 	github.com/felixge/fgprof v0.9.5
 	github.com/fsnotify/fsnotify v1.9.0
 	github.com/getkin/kin-openapi v0.138.0
 	github.com/gliderlabs/ssh v0.3.8
 	github.com/go-chi/chi/v5 v5.2.5
 	github.com/go-chi/cors v1.2.2
 	github.com/go-co-op/gocron/v2 v2.19.1
 	github.com/go-enry/go-enry/v2 v2.9.5
-	github.com/go-git/go-billy/v5 v5.8.0
+	github.com/go-git/go-billy/v5 v5.9.0
-	github.com/go-git/go-git/v5 v5.18.0
+	github.com/go-git/go-git/v5 v5.19.0
 	github.com/go-ldap/ldap/v3 v3.4.13
 	github.com/go-redsync/redsync/v4 v4.16.0
 	github.com/go-sql-driver/mysql v1.9.3
@@ -86,7 +88,6 @@ require (
 	github.com/msteinert/pam/v2 v2.1.0
 	github.com/nektos/act v0.2.63
 	github.com/niklasfasching/go-org v1.9.1
 	github.com/olivere/elastic/v7 v7.0.32
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.1
 	github.com/pquerna/otp v1.5.0
@@ -110,17 +111,18 @@ require (
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
 	gitlab.com/gitlab-org/api/client-go v1.46.0
 	go.yaml.in/yaml/v4 v4.0.0-rc.3
-	golang.org/x/crypto v0.49.0
+	golang.org/x/crypto v0.52.0
-	golang.org/x/image v0.38.0
+	golang.org/x/image v0.40.0
-	golang.org/x/net v0.52.0
+	golang.org/x/net v0.55.0
 	golang.org/x/oauth2 v0.36.0
 	golang.org/x/sync v0.20.0
-	golang.org/x/sys v0.42.0
+	golang.org/x/sys v0.45.0
-	golang.org/x/text v0.35.0
+	golang.org/x/text v0.37.0
 	google.golang.org/grpc v1.79.3
 	google.golang.org/protobuf v1.36.11
 	gopkg.in/ini.v1 v1.67.1
 	gopkg.in/yaml.v3 v3.0.1
 	modernc.org/sqlite v1.20.4
 	mvdan.cc/xurls/v2 v2.6.0
 	strk.kbt.io/projects/go/libravatar v0.0.0-20260301104140-add494e31dab
 	xorm.io/builder v0.3.13
@@ -187,13 +189,14 @@ require (
 	github.com/emersion/go-sasl v0.0.0-20241020182733-b788ff22d5a6 // indirect
 	github.com/fatih/color v1.19.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.9.1 // indirect
 	github.com/getkin/kin-openapi v0.138.0 // indirect
 	github.com/git-lfs/pktline v0.0.0-20230103162542-ca444d533ef1 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
 	github.com/go-enry/go-oniguruma v1.2.1 // indirect
 	github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-viper/mapstructure/v2 v2.5.0 // indirect
 	github.com/go-webauthn/x v0.2.2 // indirect
 	github.com/goccy/go-json v0.10.6 // indirect
@@ -234,19 +237,24 @@ require (
 	github.com/minio/minlz v1.1.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
 	github.com/mrjones/oauth v0.0.0-20190623134757-126b35219450 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/nwaples/rardecode/v2 v2.2.2 // indirect
 	github.com/nxadm/tail v1.4.8 // indirect
 	github.com/oasdiff/yaml v0.0.9 // indirect
 	github.com/oasdiff/yaml3 v0.0.12 // indirect
 	github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 // indirect
 	github.com/olekukonko/errors v1.2.0 // indirect
 	github.com/olekukonko/ll v0.1.8 // indirect
 	github.com/olekukonko/tablewriter v1.1.4 // indirect
-	github.com/onsi/ginkgo v1.16.5 // indirect
+	github.com/olivere/elastic/v7 v7.0.32 // indirect
 	github.com/perimeterx/marshmallow v1.1.5 // indirect
 	github.com/philhofer/fwd v1.2.0 // indirect
 	github.com/pierrec/lz4/v4 v4.1.26 // indirect
-	github.com/pjbgf/sha1cd v0.5.0 // indirect
+	github.com/pjbgf/sha1cd v0.6.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
@@ -264,12 +272,12 @@ require (
 	github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect
 	github.com/tinylib/msgp v1.6.3 // indirect
 	github.com/unknwon/com v1.0.1 // indirect
 	github.com/woodsbury/decimal128 v1.3.0 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/zeebo/assert v1.3.0 // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
 	go.etcd.io/bbolt v1.4.3 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
@@ -279,10 +287,9 @@ require (
 	go.yaml.in/yaml/v2 v2.4.4 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	go4.org v0.0.0-20260112195520-a5071408f32f // indirect
-	golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b // indirect
+	golang.org/x/mod v0.35.0 // indirect
 	golang.org/x/mod v0.34.0 // indirect
 	golang.org/x/time v0.15.0 // indirect
-	golang.org/x/tools v0.43.0 // indirect
+	golang.org/x/tools v0.44.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20260401020348-3a24fdc17823 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	lukechampine.com/uint128 v1.2.0 // indirect
@@ -292,7 +299,6 @@ require (
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.8.0 // indirect
 	modernc.org/opt v0.1.3 // indirect
 	modernc.org/sqlite v1.20.4 // indirect
 	modernc.org/strutil v1.2.0 // indirect
 	modernc.org/token v1.1.0 // indirect
 )
@@ -2,6 +2,8 @@ cloud.google.com/go/compute/metadata v0.9.0 h1:pDUj4QMoPejqq20dK0Pg2N4yG9zIkYGdB
 cloud.google.com/go/compute/metadata v0.9.0/go.mod h1:E0bWwX5wTnLPedCKqk3pJmVgCBSM6qQI1yTBdEb3C10=
 code.gitea.io/actions-proto-go v0.4.1 h1:l0EYhjsgpUe/1VABo2eK7zcoNX2W44WOnb0MSLrKfls=
 code.gitea.io/actions-proto-go v0.4.1/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
 code.gitea.io/gitea v1.26.2 h1:i0oTSOGXnB3WLILa0lRzwi4KFIkKIEZnoyCtYiajtYY=
 code.gitea.io/gitea v1.26.2/go.mod h1:K2pVuCKcxMzEl/KBD3b4GsWIOu6ZH74g8lJYiACcnsM=
 code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI=
 code.gitea.io/gitea-vet v0.2.3/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE=
 code.gitea.io/sdk/gitea v0.24.1 h1:hpaqcdGcBmfMpV7JSbBJVwE99qo+WqGreJYKrDKEyW8=
@@ -302,18 +304,22 @@ github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e h1:oRq/fiirun5Hql
 github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e/go.mod h1:RCMrTZvN1bJYtofsG4rd5NaO5obxQ5xBkdiS7xsT7bM=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
-github.com/go-git/go-billy/v5 v5.8.0 h1:I8hjc3LbBlXTtVuFNJuwYuMiHvQJDq1AT6u4DwDzZG0=
+github.com/go-git/go-billy/v5 v5.9.0 h1:jItGXszUDRtR/AlferWPTMN4j38BQ88XnXKbilmmBPA=
-github.com/go-git/go-billy/v5 v5.8.0/go.mod h1:RpvI/rw4Vr5QA+Z60c6d6LXH0rYJo0uD5SqfmrrheCY=
+github.com/go-git/go-billy/v5 v5.9.0/go.mod h1:jCnQMLj9eUgGU7+ludSTYoZL/GGmii14RxKFj7ROgHw=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
-github.com/go-git/go-git/v5 v5.18.0 h1:O831KI+0PR51hM2kep6T8k+w0/LIAD490gvqMCvL5hM=
+github.com/go-git/go-git/v5 v5.19.0 h1:+WkVUQZSy/F1Gb13udrMKjIM2PrzsNfDKFSfo5tkMtc=
-github.com/go-git/go-git/v5 v5.18.0/go.mod h1:pW/VmeqkanRFqR6AljLcs7EA7FbZaN5MQqO7oZADXpo=
+github.com/go-git/go-git/v5 v5.19.0/go.mod h1:Pb1v0c7/g8aGQJwx9Us09W85yGoyvSwuhEGMH7zjDKQ=
 github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A=
 github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
 github.com/go-jose/go-jose/v4 v4.1.3 h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs=
 github.com/go-jose/go-jose/v4 v4.1.3/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
 github.com/go-ldap/ldap/v3 v3.4.13 h1:+x1nG9h+MZN7h/lUi5Q3UZ0fJ1GyDQYbPvbuH38baDQ=
 github.com/go-ldap/ldap/v3 v3.4.13/go.mod h1:LxsGZV6vbaK0sIvYfsv47rfh4ca0JXokCoKjZxsszv0=
 github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
 github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
 github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
 github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
 github.com/go-redis/redis v6.15.9+incompatible h1:K0pv1D7EQUjfyoMql+r/jZqCLizCGKFlFgcHWWmHQjg=
 github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
 github.com/go-redis/redis/v7 v7.4.1 h1:PASvf36gyUpr2zdOUS/9Zqc80GbM+9BDyiJSJDDOrTI=
@@ -324,7 +330,6 @@ github.com/go-redsync/redsync/v4 v4.16.0 h1:bNcOzeHH9d3s6pghU9NJFMPrQa41f5Nx3L4Y
 github.com/go-redsync/redsync/v4 v4.16.0/go.mod h1:V4gagqgyASWBZuwx4xGzu72aZNb/6Mo05byUa3mVmKQ=
 github.com/go-sql-driver/mysql v1.9.3 h1:U/N249h2WzJ3Ukj8SowVFjdtZKfu9vlLZxjPXV1aweo=
 github.com/go-sql-driver/mysql v1.9.3/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U=
 github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/go-viper/mapstructure/v2 v2.5.0 h1:vM5IJoUAy3d7zRSVtIwQgBj7BiWtMPfmPEgAXnvj1Ro=
@@ -352,12 +357,6 @@ github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8J
 github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
@@ -371,9 +370,6 @@ github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl76
 github.com/google/flatbuffers v24.3.25+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
 github.com/google/flatbuffers v25.12.19+incompatible h1:haMV2JRRJCe1998HeW/p0X9UaMTK6SDo0ffLn2+DbLs=
 github.com/google/flatbuffers v25.12.19+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
@@ -551,6 +547,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
 github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
 github.com/mrjones/oauth v0.0.0-20190623134757-126b35219450 h1:j2kD3MT1z4PXCiUllUJF9mWUESr9TWKS7iEKsQ/IipM=
 github.com/mrjones/oauth v0.0.0-20190623134757-126b35219450/go.mod h1:skjdDftzkFALcuGzYSklqYd8gvat6F1gZJ4YPVbkZpM=
 github.com/mschoch/smat v0.0.0-20160514031455-90eadee771ae/go.mod h1:qAyveg+e4CE+eKJXWVjKXM4ck2QobLqTDytGJbLLhJg=
@@ -566,9 +564,12 @@ github.com/niklasfasching/go-org v1.9.1 h1:/3s4uTPOF06pImGa2Yvlp24yKXZoTYM+nsIlM
 github.com/niklasfasching/go-org v1.9.1/go.mod h1:ZAGFFkWvUQcpazmi/8nHqwvARpr1xpb+Es67oUGX/48=
 github.com/nwaples/rardecode/v2 v2.2.2 h1:/5oL8dzYivRM/tqX9VcTSWfbpwcbwKG1QtSJr3b3KcU=
 github.com/nwaples/rardecode/v2 v2.2.2/go.mod h1:7uz379lSxPe6j9nvzxUZ+n7mnJNgjsRNb6IbvGVHRmw=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
 github.com/oasdiff/yaml v0.0.9 h1:zQOvd2UKoozsSsAknnWoDJlSK4lC0mpmjfDsfqNwX48=
 github.com/oasdiff/yaml v0.0.9/go.mod h1:8lvhgJG4xiKPj3HN5lDow4jZHPlx1i7dIwzkdAo6oAM=
 github.com/oasdiff/yaml3 v0.0.12 h1:75urAtPeDg2/iDEWwzNrLOWxI9N/dCh81nTTJtokt2M=
 github.com/oasdiff/yaml3 v0.0.12/go.mod h1:y5+oSEHCPT/DGrS++Wc/479ERge0zTFxaF8PbGKcg2o=
 github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 h1:zrbMGy9YXpIeTnGj4EljqMiZsIcE09mmF8XsD5AYOJc=
 github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6/go.mod h1:rEKTHC9roVVicUIfZK7DYrdIoM0EOr8mK1Hj5s3JjH0=
 github.com/olekukonko/errors v1.2.0 h1:10Zcn4GeV59t/EGqJc8fUjtFT/FuUh5bTMzZ1XwmCRo=
@@ -581,12 +582,9 @@ github.com/olivere/elastic/v7 v7.0.32 h1:R7CXvbu8Eq+WlsLgxmKVKPox0oOwAE/2T9Si5Bn
 github.com/olivere/elastic/v7 v7.0.32/go.mod h1:c7PVmLe3Fxq77PIfY/bZmxY/TAamBhCzZ8xDOE09a9k=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
 github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
@@ -595,13 +593,15 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw
 github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
 github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/perimeterx/marshmallow v1.1.5 h1:a2LALqQ1BlHM8PZblsDdidgv1mWi1DgC2UmX50IvK2s=
 github.com/perimeterx/marshmallow v1.1.5/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw=
 github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
 github.com/philhofer/fwd v1.2.0 h1:e6DnBTl7vGY+Gz322/ASL4Gyp1FspeMvx1RNDoToZuM=
 github.com/philhofer/fwd v1.2.0/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM=
 github.com/pierrec/lz4/v4 v4.1.26 h1:GrpZw1gZttORinvzBdXPUXATeqlJjqUG/D87TKMnhjY=
 github.com/pierrec/lz4/v4 v4.1.26/go.mod h1:EoQMVJgeeEOMsCqCzqFm2O0cJvljX2nGZjcRIPL34O4=
-github.com/pjbgf/sha1cd v0.5.0 h1:a+UkboSi1znleCDUNT3M5YxjOnN1fz2FhN48FlwCxs0=
+github.com/pjbgf/sha1cd v0.6.0 h1:3WJ8Wz8gvDz29quX1OcEmkAlUg9diU4GxJHqs0/XiwU=
-github.com/pjbgf/sha1cd v0.5.0/go.mod h1:lhpGlyHLpQZoxMv8HcgXvZEhcGs0PG/vsZnEJ7H0iCM=
+github.com/pjbgf/sha1cd v0.6.0/go.mod h1:lhpGlyHLpQZoxMv8HcgXvZEhcGs0PG/vsZnEJ7H0iCM=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -685,7 +685,6 @@ github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
@@ -704,6 +703,8 @@ github.com/tinylib/msgp v1.6.3/go.mod h1:RSp0LW9oSxFut3KzESt5Voq4GVWyS+PSulT77ro
 github.com/tstranex/u2f v1.0.0 h1:HhJkSzDDlVSVIVt7pDJwCHQj67k7A5EeBgPmeD+pVsQ=
 github.com/tstranex/u2f v1.0.0/go.mod h1:eahSLaqAS0zsIEv80+vXT7WanXs7MQQDg3j3wGBSayo=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
 github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
 github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY=
 github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/ulikunitz/xz v0.5.15 h1:9DNdB5s+SgV3bQ2ApL10xRc35ck0DuIX/isZvIk+ubY=
 github.com/ulikunitz/xz v0.5.15/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
@@ -716,6 +717,8 @@ github.com/urfave/cli/v3 v3.4.1/go.mod h1:FJSKtM/9AiiTOJL4fJ6TbMUkxBXn7GO9guZqoZ
 github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/wneessen/go-mail v0.7.2 h1:xxPnhZ6IZLSgxShebmZ6DPKh1b6OJcoHfzy7UjOkzS8=
 github.com/wneessen/go-mail v0.7.2/go.mod h1:+TkW6QP3EVkgTEqHtVmnAE/1MRhmzb8Y9/W3pweuS+k=
 github.com/woodsbury/decimal128 v1.3.0 h1:8pffMNWIlC0O5vbyHWFZAt5yWvWcrHA+3ovIIjVWss0=
 github.com/woodsbury/decimal128 v1.3.0/go.mod h1:C5UTmyTjW3JftjUFzOVhC20BEQa2a4ZKOB5I6Zjb+ds=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
@@ -787,12 +790,12 @@ golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDf
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
-golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
+golang.org/x/crypto v0.52.0 h1:RMs7fP2rXdep0CftQlK8Uf+kibLm7qkCcradZWYz988=
-golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
+golang.org/x/crypto v0.52.0/go.mod h1:1QgfPxDqh0T2M/elOJtp9RvuR95kVjir0e6/BvEmGbc=
-golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b h1:DXr+pvt3nC887026GRP39Ej11UATqWDmWuS99x26cD0=
+golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f h1:W3F4c+6OLc6H2lb//N1q4WpJkhzJCK5J6kUi1NTVXfM=
-golang.org/x/exp v0.0.0-20250819193227-8b4c13bb791b/go.mod h1:4QTo5u+SEIbbKW1RacMZq1YEfOBqeXa19JeshGi+zc4=
+golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f/go.mod h1:J1xhfL/vlindoeF/aINzNzt2Bket5bjo9sdOYzOsU80=
-golang.org/x/image v0.38.0 h1:5l+q+Y9JDC7mBOMjo4/aPhMDcxEptsX+Tt3GgRQRPuE=
+golang.org/x/image v0.40.0 h1:Tw4GyDXMo+daZN1znreBRC3VayR1aLFUyUEOLUdW1a8=
-golang.org/x/image v0.38.0/go.mod h1:/3f6vaXC+6CEanU4KJxbcUZyEePbyKbaLoDOe4ehFYY=
+golang.org/x/image v0.40.0/go.mod h1:uIc348UZMSvS5Z65CVZ7iDPaNobNFEPeJ4kbqTOszmA=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@@ -802,15 +805,13 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.34.0 h1:xIHgNUUnW6sYkcM5Jleh05DvLOtwc6RitGHbDk4akRI=
+golang.org/x/mod v0.35.0 h1:Ww1D637e6Pg+Zb2KrWfHQUnH2dQRLBQyAtpr/haaJeM=
-golang.org/x/mod v0.34.0/go.mod h1:ykgH52iCZe79kzLLMhyCUzhMci+nQj+0XkbXpNYtVjY=
+golang.org/x/mod v0.35.0/go.mod h1:+GwiRhIInF8wPm+4AoT6L0FA1QWAad3OMdTRx4tFYlU=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
@@ -821,15 +822,14 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
-golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0=
+golang.org/x/net v0.55.0 h1:bcvxaJn3e1U6InsFWt1JUq1aSjnRxLzT2rtD2KfkDF8=
-golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw=
+golang.org/x/net v0.55.0/go.mod h1:L5U2KuzuOe1lY7Z+aWVIKK6qEeJXnXV9yzGA+WCHJww=
 golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
 golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -845,16 +845,12 @@ golang.org/x/sys v0.0.0-20181221143128-b4a75ba826a6/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -870,8 +866,8 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
+golang.org/x/sys v0.45.0 h1:dO4czNzziLiiXplLQgBCEpCvXQ3dnkn0SdaZSYdQ+FY=
-golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/sys v0.45.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -882,8 +878,8 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
 golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
-golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU=
+golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4=
-golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A=
+golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -894,8 +890,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
+golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc=
-golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
+golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38=
 golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U=
 golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -903,13 +899,12 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200325010219-a49f79bcc224/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
 golang.org/x/tools v0.0.0-20200928182047-19e03678916f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.43.0 h1:12BdW9CeB3Z+J/I/wj34VMl8X+fEXBxVR90JeMX5E7s=
+golang.org/x/tools v0.44.0 h1:UP4ajHPIcuMjT1GqzDWRlalUEoY+uzoZKnhOjbIPD2c=
-golang.org/x/tools v0.43.0/go.mod h1:uHkMso649BX2cZK6+RpuIPXS3ho2hZo4FVwfoy1vIk0=
+golang.org/x/tools v0.44.0/go.mod h1:KA0AfVErSdxRZIsOVipbv3rQhVXTnlU6UhKxHd1seDI=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -918,12 +913,6 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20260401020348-3a24fdc17823 h1:
 google.golang.org/genproto/googleapis/rpc v0.0.0-20260401020348-3a24fdc17823/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
 google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
 google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
 google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -941,7 +930,6 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
@@ -950,8 +938,20 @@ lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
 lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
 modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
 modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
 modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ=
 modernc.org/cc/v4 v4.21.4/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
 modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
 modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
 modernc.org/ccgo/v4 v4.19.2 h1:lwQZgvboKD0jBwdaeVCTouxhxAyN6iawF3STraAal8Y=
 modernc.org/ccgo/v4 v4.19.2/go.mod h1:ysS3mxiMV38XGRTTcgo0DQTeTmAO4oCmJl1nX9VFI3s=
 modernc.org/ccorpus v1.11.6 h1:J16RXiiqiCgua6+ZvQot4yUuUy8zxgqbqEEUuGPlISk=
 modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ=
 modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
 modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
 modernc.org/gc/v2 v2.4.1 h1:9cNzOqPyMJBvrUipmynX0ZohMhcxPtMccYgGOJdOiBw=
 modernc.org/gc/v2 v2.4.1/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
 modernc.org/httpfs v1.0.6 h1:AAgIpFZRXuYnkjftxTAZwMIiwEqAfk8aVB2/oA6nAeM=
 modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM=
 modernc.org/libc v1.55.3 h1:AzcW1mhlPNrRtjS5sS+eW2ISCgSOLLNyFzRh/V3Qj/U=
 modernc.org/libc v1.55.3/go.mod h1:qFXepLhz+JjFThQ4kzwzOjA/y/artDeg+pcYnY+Q83w=
 modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
@@ -960,12 +960,18 @@ modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
 modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU=
 modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
 modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
 modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
 modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
 modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
 modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
 modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
 modernc.org/tcl v1.15.0 h1:oY+JeD11qVVSgVvodMJsu7Edf8tr5E/7tuhF5cNYz34=
 modernc.org/tcl v1.15.0/go.mod h1:xRoGotBZ6dU+Zo2tca+2EqVEeMmOUBzHnhIwq4YrVnE=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
 modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
 modernc.org/z v1.7.0 h1:xkDw/KepgEjeizO2sNco+hqYkU12taxQFqPEmgm1GWE=
 modernc.org/z v1.7.0/go.mod h1:hVdgNMh8ggTuRG1rGU8x+xGRFfiQUIAw0ZqlPy8+HyQ=
 mvdan.cc/xurls/v2 v2.6.0 h1:3NTZpeTxYVWNSokW3MKeyVkz/j7uYXYiMtXRUfmjbgI=
 mvdan.cc/xurls/v2 v2.6.0/go.mod h1:bCvEZ1XvdA6wDnxY7jPPjEmigDtvtvPXAD/Exa9IMSk=
 pgregory.net/rapid v0.4.2 h1:lsi9jhvZTYvzVpeG93WWgimPRmiJQfGFRNTEZh1dtY0=
@@ -10,16 +10,16 @@ import (
 	"strings"
 	"time"
-	"code.gitea.io/gitea/cmd"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/cmd"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	// register supported doc types
-	_ "code.gitea.io/gitea/modules/markup/asciicast"
+	_ "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/asciicast"
-	_ "code.gitea.io/gitea/modules/markup/console"
+	_ "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/console"
-	_ "code.gitea.io/gitea/modules/markup/csv"
+	_ "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/csv"
-	_ "code.gitea.io/gitea/modules/markup/markdown"
+	_ "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/markdown"
-	_ "code.gitea.io/gitea/modules/markup/orgmode"
+	_ "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/markup/orgmode"
 	"github.com/urfave/cli/v3"
 )
@@ -11,10 +11,10 @@ import (
 	"errors"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	"code.gitea.io/gitea/modules/optional"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"xorm.io/builder"
 )
@@ -6,11 +6,11 @@ package actions
 import (
 	"context"
-	"code.gitea.io/gitea/models/perm"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/perm"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"xorm.io/xorm/convert"
 )
@@ -6,7 +6,7 @@ package actions
 import (
 	"testing"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
 )
 func TestMain(m *testing.M) {
@@ -11,17 +11,17 @@ import (
 	"strings"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/git"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
-	"code.gitea.io/gitea/modules/json"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
+	api "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
-	webhook_module "code.gitea.io/gitea/modules/webhook"
+	webhook_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/webhook"
 	"xorm.io/builder"
 )
@@ -9,11 +9,11 @@ import (
 	"slices"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/log"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 )
 // ActionRunAttempt represents a single execution attempt of an ActionRun.
@@ -6,9 +6,9 @@ package actions
 import (
 	"context"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
 )
 type ActionRunAttemptList []*ActionRunAttempt
@@ -9,11 +9,11 @@ import (
 	"slices"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/modules/actions/jobparser"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/actions/jobparser"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	"xorm.io/builder"
 )
@@ -6,11 +6,11 @@ package actions
 import (
 	"context"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
-	"code.gitea.io/gitea/modules/optional"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
 	"xorm.io/builder"
 )
@@ -6,12 +6,12 @@ package actions
 import (
 	"context"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
-	"code.gitea.io/gitea/modules/translation"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/translation"
-	webhook_module "code.gitea.io/gitea/modules/webhook"
+	webhook_module "git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/webhook"
 	"xorm.io/builder"
 )
@@ -7,10 +7,10 @@ import (
 	"testing"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
 	"github.com/stretchr/testify/assert"
 )
@@ -10,16 +10,16 @@ import (
 	"strings"
 	"time"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	"code.gitea.io/gitea/models/shared/types"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/shared/types"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
-	"code.gitea.io/gitea/modules/optional"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
-	"code.gitea.io/gitea/modules/setting"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/translation"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/translation"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
 	"xorm.io/builder"
@@ -6,10 +6,10 @@ package actions
 import (
 	"context"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/container"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/container"
 )
 type RunnerList []*ActionRunner
@@ -7,11 +7,11 @@ import (
 	"context"
 	"fmt"
-	"code.gitea.io/gitea/models/db"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/db"
-	repo_model "code.gitea.io/gitea/models/repo"
+	repo_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
+	user_model "git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
-	"code.gitea.io/gitea/modules/timeutil"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/timeutil"
-	"code.gitea.io/gitea/modules/util"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/util"
 )
 // ActionRunnerToken represents runner tokens
@@ -6,7 +6,7 @@ package actions
 import (
 	"testing"
-	"code.gitea.io/gitea/models/unittest"
+	"git.mokoconsulting.tech/MokoConsulting/MokoGitea/models/unittest"
 	"github.com/stretchr/testify/assert"
 )
--- a/Show More
+++ b/Show More