Jonathan Miller
7884e2f141
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Branch Policy Check / Verify merge target (pull_request) Successful in 1s
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
PR RC Release / Build RC Release (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || 'development' }}) (pull_request) Successful in 1m7s
Fix three gaps that prevented per-unit public access from working on private repositories: 1. Git HTTP handler (githttp.go): allow anonymous git pull for private repos when the target unit (code or wiki) has AnonymousAccessMode set to read. Previously only checked repo.IsPrivate. 2. Permission engine (repo_permission.go): call finalProcessRepoUnitPermission for anonymous users on private repos so that unit-level anonymous access modes are populated. Previously returned early with AccessModeNone, skipping anonymous mode setup. 3. Search/explore (repo_list.go): include private repos that have at least one unit with anonymous_access_mode > 0 in search results, so anonymous users can discover repos with public sections. The existing settings UI at /settings/public_access already allows configuring per-unit visibility. The home page redirect to the first readable unit (e.g. wiki) also already works via checkHomeCodeViewable. Closes #238 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>