mirror of
https://gitea.com/gitea/tea.git
synced 2026-06-05 18:58:43 +02:00
main
586 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Renovate Bot
|
df320c74ca |
fix(deps): update module github.com/go-authgate/sdk-go to v0.12.0 (#1024)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-authgate/sdk-go](https://github.com/go-authgate/sdk-go) | `v0.11.0` → `v0.12.0` |  |  | --- ### Release Notes <details> <summary>go-authgate/sdk-go (github.com/go-authgate/sdk-go)</summary> ### [`v0.12.0`](https://github.com/go-authgate/sdk-go/releases/tag/v0.12.0) [Compare Source](https://github.com/go-authgate/sdk-go/compare/v0.11.0...v0.12.0) #### Changelog ##### Bug fixes - [`506ff28`](https://github.com/go-authgate/sdk-go/commit/506ff28e68b10f348fb937c9d734b20ea72245a6): fix: authenticate confidential clients and harden token handling ([#​33](https://github.com/go-authgate/sdk-go/issues/33)) ([@​appleboy](https://github.com/appleboy)) ##### Refactor - [`81b51e2`](https://github.com/go-authgate/sdk-go/commit/81b51e244f1ce5f069d6e2a0ac18a1ffb6d25706): refactor: simplify control flow across sdk packages ([#​30](https://github.com/go-authgate/sdk-go/issues/30)) ([@​appleboy](https://github.com/appleboy)) - [`7fcdb3c`](https://github.com/go-authgate/sdk-go/commit/7fcdb3cde0b80754262e81bd2e2d86baf8f00f64): refactor(oauth): use error-code constants at all sites ([#​31](https://github.com/go-authgate/sdk-go/issues/31)) ([@​appleboy](https://github.com/appleboy)) - [`4407ea6`](https://github.com/go-authgate/sdk-go/commit/4407ea621e8f2f14cb8629dfb80cb4d1e536099e): refactor(middleware): split token scope once for required-scope checks ([#​32](https://github.com/go-authgate/sdk-go/issues/32)) ([@​appleboy](https://github.com/appleboy)) ##### Documentation updates - [`f8b8b28`](https://github.com/go-authgate/sdk-go/commit/f8b8b28fd70f30799933e0592878f7e1146a71ea): docs(jwksauth): document UID across remaining godoc and test comments ([@​appleboy](https://github.com/appleboy)) ##### Others - [`a90443e`](https://github.com/go-authgate/sdk-go/commit/a90443e6226c4f401f40ed9917af2b19cd2f1747): fix(discovery,middleware): coalesce concurrent discovery fetches via singleflight with per-caller cancellation; route scope errors through the error handler ([#​16](https://github.com/go-authgate/sdk-go/issues/16)) ([@​appleboy](https://github.com/appleboy)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/1024 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
dinsmoor
|
09fc09c2f7 |
feat(comments): add list/edit/delete subcommands to tea comment (#1015)
## Why Today `tea comment` can only *add* a comment. Editing or deleting requires falling back to `tea api`. This came up while I was iterating on PRs in this same repo earlier today and had to correct a couple of comments by hand. Every comparable forge CLI (gh, glab, etc.) exposes these operations as first-class commands. ## What Restructures `tea comment` from a single-action command into a parent with four subcommands. The parent's default action remains the existing "add" behavior, so the historical shorthand keeps working. | Command | Purpose | |---|---| | `tea comment add <idx> [<body>]` | Add a comment (explicit subcommand) | | `tea comment list <idx>` | Tabular listing including comment IDs | | `tea comment edit <id> [<body>]` | Replace the body of one comment | | `tea comment delete <id> [<id>...]` | Delete one or more comments | | `tea comment <idx> [<body>]` | Unchanged — still routes to `add` | The `list` command exists specifically so users can discover the IDs that `edit` and `delete` accept. ## Backward compatibility The whole point of routing the parent's default `Action` through `add` is to preserve every existing invocation. `tea comment 1 "body"` still does what it did before. No flag or arg names change. ## Input forms (for add and edit) Same pattern as the original `tea comment`: 1. Positional body (`tea comment edit <id> "new body"`) — wins if present. 2. Piped stdin if no positional body is given. 3. External `$EDITOR` (pre-populated with the current body, on `edit`) if neither. This matches the stdin-handling fix in #1011 — positional body wins over a non-TTY stdin so the command doesn't hang in CI/subshells. ## Verification All four subcommands were exercised live against `https://gitea.com/dinsmoor/tea-testing` issue #1. The test artifacts and a summary log are visible on that issue right now. Specifically: - The annotated summary comment lists every operation tested and the comment IDs each one acted on. - Comments 1197162 (legacy add), 1197163 (subcommand add, later edited), 1197164 (stdin add) are still there to be inspected. - Comment 1197166 was created and then deleted; its absence from `tea comment list` output is evidence that delete works. ## New files - `cmd/comments/add.go` — extracted from the old `cmd/comment.go` - `cmd/comments/list.go` - `cmd/comments/edit.go` - `cmd/comments/delete.go` - `modules/print/comment.go` — adds `CommentsList` helper for the tabular output `cmd/comment.go` is rewritten as a thin parent that wires these together. ## Open questions for the reviewer - **Naming**: should the top-level command be `comments` (plural) or stay `comment` (singular)? I kept it singular with `comments` as an alias to match the existing user-visible name. - **Delete confirmation**: I did not add a confirmation prompt — `delete` just deletes. Some projects gate this behind `--yes` / interactive `[y/N]`. I'd rather follow whatever convention the maintainers prefer. - **Output format on list**: currently uses the existing `print.tableWithHeader` helper, matching `tea organizations list` etc. Other tea listings support `--output json` / `--output csv` via the shared `--output` flag, which works here automatically through the same helper. --- This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step. *pull request created by Tyler's lovingly wrangled demon machine <3* Reviewed-on: https://gitea.com/gitea/tea/pulls/1015 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: dinsmoor <204368+dinsmoor@noreply.gitea.com> Co-committed-by: dinsmoor <204368+dinsmoor@noreply.gitea.com> |
||
|
Tyler
|
5fa24b9a65 |
feat(pulls): add --draft to create and --draft/--ready to edit (#1008)
Closes #979. An alternative to the approach in #980 — this one is purely client-side title-mangling, no SDK changes needed. Gitea already treats any PR with a `WIP:` or `[WIP]` title prefix (case-insensitive) as a draft. This patch wires three flags around that behavior: - `tea pulls create --draft` — prepend `WIP: ` to the title at creation time - `tea pulls edit --draft <idx>` — add `WIP: ` to an existing PR's title - `tea pulls edit --ready <idx>` — strip any recognized draft prefix All three are idempotent. `--draft` and `--ready` on edit are mutually exclusive. If the user also passes `--title` on edit, the toggle applies to the supplied title; otherwise the current title is fetched from the server first. Why this approach over a server-payload-based one: Gitea's draft state is *defined* as the title-prefix convention (see the Gitea source for `HasWIPPrefix`). Modeling it server-side would either duplicate or fight that. A small string helper covers it without needing the SDK to add a `Draft` field. Verified against `gitea.com` (1.26.0+dev) with a throwaway repo: - create with `--draft` → server reports `draft: true` ✓ - `edit --ready` strips → `draft: false` ✓ - `edit --draft` adds back → `draft: true` ✓ - second `edit --draft` is idempotent ✓ - `edit --draft --ready` errors ✓ Unit tests for the prefix detection live in `modules/utils/draft_test.go`. --- This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step. Reproduction, design decisions, and the choice not to follow #980's payload approach were mine — happy to discuss any of it. *pull request created by Tyler's lovingly wrangled demon machine <3* --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/1008 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Tyler <tyler@dinsmoor.us> Co-committed-by: Tyler <tyler@dinsmoor.us> |
||
|
Tyler
|
18274f1ebc |
fix(pulls): restore standard fork-flow PR creation (#1010)
Closes #1009. ## The standard fork-flow The textbook workflow for opening a PR with any git CLI (gh, glab, hub, tea, etc.) is: 1. Fork `upstream/repo` on the server. 2. Clone the fork locally; add `upstream` as a second remote. 3. Branch off, commit, push the branch to your fork. 4. Tell the tool: "open a PR on `upstream/repo`, source is `fork:branch`". In tea that's: ``` tea pulls create --repo upstream/repo --head fork:branch --base main ``` This is the flow tea supported before #850 and the flow this repo's own contribution model assumes. ## What broke #850 ("Enable git worktree support and improve pr create error handling", Nov 2025) correctly addressed worktree detection by adding `LocalRepo: true` to `runPullsCreate`'s `CtxRequirement`. But that requirement is checked before `--repo` is interpreted, and a slug-style `--repo gitea/tea` doesn't satisfy `LocalRepo` — only a path does. Result: the standard fork-flow invocation above started failing with: ``` Error: local repository required: execute from a repo dir, or specify a path with --repo ``` — which is misleading, because the user IS in a repo dir and `--repo` IS set. ## The fix Only require `LocalRepo` when the command genuinely needs the working tree: - **Interactive mode** (no flags) — uses tree info for prompts. - **`--head` omitted** — defaults head from the current branch. Otherwise the command runs with just `RemoteRepo`, and `task.CreatePull` takes the explicit `--repo` and `--head` as given. The #850 worktree fix is preserved for the in-tree path. ## Behavior table | Invocation | Before | After | |---|---|---| | `tea pulls create` (interactive) | works | works (unchanged) | | `tea pulls create --head my-branch --base main` (in-tree, same repo) | works | works (unchanged) | | `tea pulls create --repo upstream/repo --head fork:branch --base main` (fork-flow) | **fails with misleading error** | **works** | | `tea pulls create --repo upstream/repo --base main` (no `--head`, no working tree) | fails | still fails with the same error (correctly — head can't be defaulted without a working tree or explicit flag) | ## Verification Smoke-tested by opening a PR from `/tmp` (deliberately not a git repo): ``` cd /tmp tea-dev pulls create --login gitea.com --repo dinsmoor/tea-testing \ --head dinsmoor:xfork-smoke --base main \ --title "xfork smoke test" --description "..." → https://gitea.com/dinsmoor/tea-testing/pulls/4 ``` And in fact, **this very PR was opened using the patched binary** invoked from `/tmp`, since the released `tea` still has the bug. --- This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step. *pull request created by Tyler's lovingly wrangled demon machine <3* --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/1010 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Tyler <tyler@dinsmoor.us> Co-committed-by: Tyler <tyler@dinsmoor.us> |
||
|
Tyler
|
d1b9b7735e |
fix(comment): don't block on stdin when body is given positionally (#1011)
## The bug
`tea comment <idx> "body"` hangs forever in any non-TTY context — CI pipelines, subshells, agent harnesses, scripts — unless the user explicitly redirects stdin with `< /dev/null`.
### Reproduction (released `tea` 0.14.1)
```
# Plain positional body — hangs forever
$ tea comment --repo owner/repo 1 "body text"
# Heredoc body — hangs forever
$ tea comment --repo owner/repo 1 "$(cat <<'EOM'
body text
EOM
)"
# Workaround that works (but shouldn't be necessary)
$ tea comment --repo owner/repo 1 "body text" < /dev/null
```
Verified on `gitea.com` (server 1.26.0+dev) with `tea 0.14.1`. Both hanging cases hit a 30s timeout in testing; in normal shell use they hang indefinitely.
## Root cause
`cmd/comment.go:58-65`:
```go
body := strings.Join(ctx.Args().Tail(), " ")
if interact.IsStdinPiped() {
if bodyStdin, err := io.ReadAll(ctx.Reader); err != nil {
return err
} else if len(bodyStdin) != 0 {
body = strings.Join([]string{body, string(bodyStdin)}, "\n\n")
}
}
```
`interact.IsStdinPiped()` is implemented as `!term.IsTerminal(os.Stdin)` — true for *any* non-TTY stdin, not just for piped data. When tea enters this branch in a subshell where stdin is open but no producer ever writes to it (the typical case for shell scripts and automation), `io.ReadAll` blocks waiting for an EOF that never arrives.
## Fix
Only consume stdin when the user did **not** supply a positional body. If they passed a body via args, that's their content — ignore stdin entirely.
```go
if len(body) == 0 && interact.IsStdinPiped() {
// ... read stdin ...
body = string(bodyStdin)
}
```
## Behavior matrix
| Invocation | Before | After |
|---|---|---|
| `tea comment <idx> "body"` (TTY) | works | works |
| `tea comment <idx> "body"` (non-TTY, no redirect) | **hangs forever** | **works** |
| `tea comment <idx> "body" < /dev/null` | works | works |
| `echo body \| tea comment <idx>` | works | works |
| `tea comment <idx> "prefix"` + piped stdin | "prefix" + stdin concatenated | positional body wins, stdin ignored |
| `tea comment <idx>` (TTY, no body, no pipe) | opens editor | opens editor |
The one behavior change is the prefix-plus-stdin case (5th row). I couldn't find anyone relying on that pattern and it wasn't documented; defaulting to "positional body wins" matches the principle of least surprise.
## Verification
Confirmed each row against `dinsmoor/tea-testing` issue #1 on `gitea.com` with the patched binary. Previously-hanging invocations now post in <0.5s. Piped-stdin path unchanged.
---
This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step.
*pull request created by Tyler's lovingly wrangled demon machine <3*
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/tea/pulls/1011
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Tyler <tyler@dinsmoor.us>
Co-committed-by: Tyler <tyler@dinsmoor.us>
|
||
|
Tyler
|
6dd33b5f4f |
docs(login): make the git credential helper discoverable (#1014)
Closes #1013. ## Background While trying to use `tea` from a non-interactive context I hit a friction point: after `tea login add` succeeded, plain `git push` over HTTPS still prompted for credentials. I filed #1013 as a feature request to add credential helper integration — then found, on reading the source, that the integration **already exists**: - `tea login add` accepts `--helper` (alias `-j`), which calls `task.SetupHelper` to register a credential helper in `~/.gitconfig`. - `tea login helper get` correctly implements git's credential protocol, reading the request from stdin and returning `protocol`/`host`/`username`/`password` lines. - `tea login helper setup` does the same for every configured login. I verified end-to-end that this works as advertised: after `tea login helper setup`, an HTTPS `git push` against a configured Gitea host authenticates silently using the stored token, no prompts, with `GIT_TERMINAL_PROMPT=0` set as a safety check. So the feature is fine. The problem is that nobody can find it: | Surface | Before | Issue | |---|---|---| | Flag name on `tea login add` | `--helper` (alias `-j`) | Generic; nothing tying it to git or credentials | | Flag usage text | `"Add helper"` | Says nothing | | `tea login helper` command | `Hidden: true` | Not in `tea login --help` | | `tea login helper` usage | `"Git helper"` | Says nothing | | `tea login helper` description | `"Git helper"` | Same string again | | `store/erase` subcommand description | `"Command drops"` | Sentence fragment, no meaning | | `setup` subcommand description | `"Setup helper to tea authenticate"` | Awkward, doesn't explain what it touches | | `get` subcommand description | `"Get token to auth"` | Doesn't mention git, stdin, or the credential protocol | | Mention in `tea login add --help` | None | Feature is invisible | ## What this patch does Purely cosmetic / documentation changes — **no behavior changes**: 1. Renames `--helper` to `--git-credentials`, keeping `--helper` and `-j` as aliases so existing scripts and muscle memory keep working. 2. Removes `Hidden: true` from `tea login helper` so it appears in `tea login --help`. 3. Rewrites every placeholder `Usage` and `Description` string in the helper command tree to describe what the thing actually does. 4. Expands the top-level `Description` of `tea login add` to mention the option and explain what it does. 5. Prints a one-line hint after a successful non-helper login: `Tip: pass --git-credentials (or run 'tea login helper setup') to authenticate 'git push' and 'git clone' over HTTPS with this token.` The credential helper protocol implementation, `SetupHelper`'s gitconfig writes, and the `get`/`store`/`setup` action functions are all unchanged. ## Help output after the patch ``` $ tea login --help COMMANDS: ... helper, git-credential Act as a git credential helper for stored Gitea logins ... $ tea login helper --help NAME: tea logins helper - Act as a git credential helper for stored Gitea logins DESCRIPTION: Speaks git's credential helper protocol so that HTTPS push and clone operations against your configured Gitea instances authenticate silently using the tokens tea already stores. Typical use is automatic: 'tea login add --git-credentials' (or 'tea login helper setup' for existing logins) registers '!tea login helper' as a credential helper in ~/.gitconfig. Git then invokes the 'get' subcommand when it needs credentials for a configured host. COMMANDS: store, erase No-op (git credential protocol store/erase) setup Register tea as a git credential helper for every configured login get Return the stored token for a URL (git credential protocol) ``` ## Open questions for the reviewer A few choices in here that are subjective — happy to change any of them: - **Flag name**: `--git-credentials` was the first clear name I tried. `--credential-helper` and `--git-helper` are also reasonable. Or keep `--helper` as canonical and just fix its usage text. - **Canonical subcommand name**: I kept `helper` as canonical with `git-credential` as alias, matching what was already there. Could flip this — `gh` uses `gh auth git-credential` as canonical with no `helper` form. - **Should `--git-credentials` default to true?** Most users probably want it on; the current opt-in design surprises them. But flipping the default is a behavior change so I left it alone here. - **Should the hint be silenced by an env var or a config flag?** I left it always-on for the people who need to see it; can gate it if it bothers automation users. - **Teardown on `tea login delete`** would parallel the setup behavior, but is genuinely a separate change. Not in this PR. --- This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step. *pull request created by Tyler's lovingly wrangled demon machine <3* --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/1014 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Tyler <tyler@dinsmoor.us> Co-committed-by: Tyler <tyler@dinsmoor.us> |
||
|
Tyler
|
23a3967e15 |
fix(print): distinguish draft PRs from conflicting PRs (#1012)
## The bug
`tea pulls create` and `tea pulls edit` print `• **Conflicting files**` for any open PR that the server reports as `mergeable: false`. But Gitea's API returns `mergeable: false` for **draft PRs by design** — drafts cannot be merged regardless of conflict state. The current code conflates "not mergeable for any reason" with "has file conflicts."
### Reproduction (gitea.com 1.26.0+dev)
```
$ tea pulls create --base main --head my-branch --title "WIP: clean diff" --description "..."
# #N WIP: clean diff (open)
...
• **Conflicting files** ← misleading
• Maintainers are allowed to edit
```
The PR has no actual conflicts. The web UI shows it as draft + cleanly diffable. `tea pulls edit --title "WIP: ..."` shows the same misleading line.
API confirms the root signal:
```
$ curl /api/v1/repos/owner/repo/pulls/N
{ "draft": true, "mergeable": false, ... }
```
Strip the WIP prefix, and `mergeable` flips back to `true`. So `mergeable=false` here means "blocked because draft," not "conflicts."
## Fix
Distinguish the two reasons in `modules/print/pull.go`:
```go
switch {
case pr.Mergeable:
out += "- No Conflicts\n"
case pr.Draft:
out += "- Draft (not mergeable until marked ready)\n"
default:
out += "- **Conflicting files**\n"
}
```
Real conflicts still fall through to the existing "Conflicting files" message.
## Behavior matrix
| PR state | API `mergeable` | Before | After |
|---|---|---|---|
| Open, clean, ready | true | No Conflicts | No Conflicts |
| Open, draft, clean | false | **Conflicting files** (wrong) | **Draft (not mergeable until marked ready)** |
| Open, conflicting | false | Conflicting files | Conflicting files |
| Closed/merged | — | (no line shown) | (no line shown) |
## Verification
Against `dinsmoor/tea-testing` PR #6 on gitea.com:
- Set title to `WIP: ...` → API `mergeable=false`, `draft=true` → tea prints `Draft (not mergeable until marked ready)` ✓
- Strip WIP → API `mergeable=true`, `draft=false` → tea prints `No Conflicts` ✓
---
This patch was authored interactively with an AI assistant, driven and reviewed by a human (Tyler / @dinsmoor) every step.
*pull request created by Tyler's lovingly wrangled demon machine <3*
Reviewed-on: https://gitea.com/gitea/tea/pulls/1012
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Tyler <tyler@dinsmoor.us>
Co-committed-by: Tyler <tyler@dinsmoor.us>
|
||
|
kuil09
|
06e4d16bf3 |
feat: add wiki CLI commands (#998)
## Summary Add first-class `tea wiki` commands backed by the existing Gitea wiki API and SDK support. ## What this adds - `tea wiki list` - `tea wiki view <page>` - `tea wiki revisions <page>` - `tea wiki create` - `tea wiki edit <page>` - `tea wiki delete <page>` ## Implementation details - registers a new top-level `wiki` entity command - keeps command logic under `cmd/wiki/` - adds wiki-specific renderers in `modules/print/wiki.go` - adds wiki task helpers in `modules/task/wiki.go` - reuses existing repo/login/output/pagination patterns used elsewhere in `tea` - base64-encodes wiki content for create/edit API calls - requires explicit `--confirm` for delete - preserves the current page title during edit when `--title` is omitted ## Test coverage The PR is intentionally split into two commits: 1. `feat: add wiki CLI commands` 2. `test: add wiki integration coverage` Validation performed: - focused command, task, and print tests for the new wiki functionality - integration coverage for the wiki command lifecycle - `make lint` - `make fmt-check` - `make docs-check` - `make build` - upstream PR CI passed: - `check-and-test / Integration Test` - `check-and-test / Lint Build And Unit Coverage` ## Motivation This makes `tea` a better interface for both human and agent-driven workflows by exposing wiki operations as stable first-class CLI commands instead of requiring ad-hoc API calls or custom wrappers. --- Generated by Hermes Agent with GPT-5.4 --------- Co-authored-by: nitro <nitro@nitroui-Macmini.local> Reviewed-on: https://gitea.com/gitea/tea/pulls/998 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: kuil09 <202447+kuil09@noreply.gitea.com> Co-committed-by: kuil09 <202447+kuil09@noreply.gitea.com> |
||
|
Lunny Xiao
|
28ba9b915b |
Move sdk from code.gitea.io/sdk/gitea to gitea.dev/sdk (#1006)
Reviewed-on: https://gitea.com/gitea/tea/pulls/1006 Reviewed-by: Zettat123 <39446+zettat123@noreply.gitea.com> |
||
|
Minjie Fang
|
579099f9d9 |
fix(context): improve local repo detection logic and test (#999)
Fix https://gitea.com/gitea/tea/issues/995 Reviewed-on: https://gitea.com/gitea/tea/pulls/999 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Minjie Fang <wingsallen@gmail.com> Co-committed-by: Minjie Fang <wingsallen@gmail.com> |
||
|
Lunny Xiao
|
a664449282 |
Use git command instead of go git (#1005)
Remove go git library because it doesn't support sha256 repository but have an interface so that we could have other backend for the future. Reviewed-on: https://gitea.com/gitea/tea/pulls/1005 Reviewed-by: Zettat123 <39446+zettat123@noreply.gitea.com> |
||
|
techknowlogick
|
8e0666ab85 |
update import path to use gitea.dev (#1003)
Reviewed-on: https://gitea.com/gitea/tea/pulls/1003 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.com> Co-committed-by: techknowlogick <techknowlogick@gitea.com> |
||
|
Renovate Bot
|
bbe97a5e23 |
fix(deps): update module golang.org/x/crypto to v0.52.0 [security] (#1002)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) | [`v0.51.0` → `v0.52.0`](https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.51.0...refs/tags/v0.52.0) |  |  | --- ### Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent [CVE-2026-39833](https://nvd.nist.gov/vuln/detail/CVE-2026-39833) / [GO-2026-5005](https://pkg.go.dev/vuln/GO-2026-5005) <details> <summary>More information</summary> #### Details The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested. #### Severity Unknown #### References - [https://go.dev/issue/79436](https://go.dev/issue/79436) - [https://go.dev/cl/778640](https://go.dev/cl/778640) - [https://go.dev/cl/778641](https://go.dev/cl/778641) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5005) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent [CVE-2026-39832](https://nvd.nist.gov/vuln/detail/CVE-2026-39832) / [GO-2026-5006](https://pkg.go.dev/vuln/GO-2026-5006) <details> <summary>More information</summary> #### Details When adding a key to a remote agent constraint extensions such as restrict-destination-v00@​openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them. #### Severity Unknown #### References - [https://go.dev/issue/79435](https://go.dev/issue/79435) - [https://go.dev/cl/778642](https://go.dev/cl/778642) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5006) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh [CVE-2026-46597](https://nvd.nist.gov/vuln/detail/CVE-2026-46597) / [GO-2026-5013](https://pkg.go.dev/vuln/GO-2026-5013) <details> <summary>More information</summary> #### Details An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs. #### Severity Unknown #### References - [https://go.dev/issue/79561](https://go.dev/issue/79561) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781620](https://go.dev/cl/781620) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5013) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh [CVE-2026-39828](https://nvd.nist.gov/vuln/detail/CVE-2026-39828) / [GO-2026-5014](https://pkg.go.dev/vuln/GO-2026-5014) <details> <summary>More information</summary> #### Details When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error. #### Severity Unknown #### References - [https://go.dev/issue/79562](https://go.dev/issue/79562) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781621](https://go.dev/cl/781621) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5014) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh [CVE-2026-39835](https://nvd.nist.gov/vuln/detail/CVE-2026-39835) / [GO-2026-5015](https://pkg.go.dev/vuln/GO-2026-5015) <details> <summary>More information</summary> #### Details SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil. #### Severity Unknown #### References - [https://go.dev/issue/79563](https://go.dev/issue/79563) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781660](https://go.dev/cl/781660) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5015) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh [CVE-2026-39827](https://nvd.nist.gov/vuln/detail/CVE-2026-39827) / [GO-2026-5016](https://pkg.go.dev/vuln/GO-2026-5016) <details> <summary>More information</summary> #### Details An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for garbage collection. #### Severity Unknown #### References - [https://go.dev/issue/35127](https://go.dev/issue/35127) - [https://go.dev/cl/781320](https://go.dev/cl/781320) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5016) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh [CVE-2026-39830](https://nvd.nist.gov/vuln/detail/CVE-2026-39830) / [GO-2026-5017](https://pkg.go.dev/vuln/GO-2026-5017) <details> <summary>More information</summary> #### Details A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded. #### Severity Unknown #### References - [https://go.dev/issue/79564](https://go.dev/issue/79564) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781640](https://go.dev/cl/781640) - [https://go.dev/cl/781664](https://go.dev/cl/781664) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5017) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh [CVE-2026-39829](https://nvd.nist.gov/vuln/detail/CVE-2026-39829) / [GO-2026-5018](https://pkg.go.dev/vuln/GO-2026-5018) <details> <summary>More information</summary> #### Details The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2. #### Severity Unknown #### References - [https://go.dev/issue/79565](https://go.dev/issue/79565) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781641](https://go.dev/cl/781641) - [https://go.dev/cl/781661](https://go.dev/cl/781661) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5018) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh [CVE-2026-39831](https://nvd.nist.gov/vuln/detail/CVE-2026-39831) / [GO-2026-5019](https://pkg.go.dev/vuln/GO-2026-5019) <details> <summary>More information</summary> #### Details The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@​openssh.com, sk-ssh-ed25519@​openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a "no-touch-required" extension in Permissions.Extensions from PublicKeyCallback. #### Severity Unknown #### References - [https://go.dev/issue/79566](https://go.dev/issue/79566) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781662](https://go.dev/cl/781662) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5019) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh [CVE-2026-39834](https://nvd.nist.gov/vuln/detail/CVE-2026-39834) / [GO-2026-5020](https://pkg.go.dev/vuln/GO-2026-5020) <details> <summary>More information</summary> #### Details When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation. #### Severity Unknown #### References - [https://go.dev/issue/79567](https://go.dev/issue/79567) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781663](https://go.dev/cl/781663) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5020) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking auth bypass via unenforced @​revoked status in golang.org/x/crypto/ssh/knownhosts [CVE-2026-42508](https://nvd.nist.gov/vuln/detail/CVE-2026-42508) / [GO-2026-5021](https://pkg.go.dev/vuln/GO-2026-5021) <details> <summary>More information</summary> #### Details Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @​revoked. #### Severity Unknown #### References - [https://go.dev/issue/79568](https://go.dev/issue/79568) - [https://go.dev/cl/781220](https://go.dev/cl/781220) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5021) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh [CVE-2026-46595](https://nvd.nist.gov/vuln/detail/CVE-2026-46595) / [GO-2026-5023](https://pkg.go.dev/vuln/GO-2026-5023) <details> <summary>More information</summary> #### Details Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped. #### Severity Unknown #### References - [https://go.dev/issue/79570](https://go.dev/issue/79570) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) - [https://go.dev/cl/781642](https://go.dev/cl/781642) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5023) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent [CVE-2026-46598](https://nvd.nist.gov/vuln/detail/CVE-2026-46598) / [GO-2026-5033](https://pkg.go.dev/vuln/GO-2026-5033) <details> <summary>More information</summary> #### Details For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used. #### Severity Unknown #### References - [https://go.dev/issue/79596](https://go.dev/issue/79596) - [https://go.dev/cl/781360](https://go.dev/cl/781360) - [https://groups.google.com/g/golang-announce/c/a082jnz-LvI](https://groups.google.com/g/golang-announce/c/a082jnz-LvI) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5033) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: silverwind <2021+silverwind@noreply.gitea.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/1002 Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
82323c7270 |
chore(deps): update module golang.org/x/net to v0.55.0 [security] (#1001)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) | [`v0.54.0` → `v0.55.0`](https://cs.opensource.google/go/x/net/+/refs/tags/v0.54.0...refs/tags/v0.55.0) |  |  | --- ### Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html [CVE-2026-42506](https://nvd.nist.gov/vuln/detail/CVE-2026-42506) / [GO-2026-5025](https://pkg.go.dev/vuln/GO-2026-5025) <details> <summary>More information</summary> #### Details Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering. #### Severity Unknown #### References - [https://go.dev/issue/79571](https://go.dev/issue/79571) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) - [https://go.dev/cl/781700](https://go.dev/cl/781700) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5025) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna [CVE-2026-39821](https://nvd.nist.gov/vuln/detail/CVE-2026-39821) / [GO-2026-5026](https://pkg.go.dev/vuln/GO-2026-5026) <details> <summary>More information</summary> #### Details The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com". #### Severity Unknown #### References - [https://go.dev/cl/767220](https://go.dev/cl/767220) - [https://go.dev/issue/78760](https://go.dev/issue/78760) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5026) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html [CVE-2026-42502](https://nvd.nist.gov/vuln/detail/CVE-2026-42502) / [GO-2026-5027](https://pkg.go.dev/vuln/GO-2026-5027) <details> <summary>More information</summary> #### Details Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering. #### Severity Unknown #### References - [https://go.dev/issue/79572](https://go.dev/issue/79572) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) - [https://go.dev/cl/781701](https://go.dev/cl/781701) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5027) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html [CVE-2026-25680](https://nvd.nist.gov/vuln/detail/CVE-2026-25680) / [GO-2026-5028](https://pkg.go.dev/vuln/GO-2026-5028) <details> <summary>More information</summary> #### Details Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. #### Severity Unknown #### References - [https://go.dev/cl/781702](https://go.dev/cl/781702) - [https://go.dev/issue/79573](https://go.dev/issue/79573) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5028) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html [CVE-2026-25681](https://nvd.nist.gov/vuln/detail/CVE-2026-25681) / [GO-2026-5029](https://pkg.go.dev/vuln/GO-2026-5029) <details> <summary>More information</summary> #### Details Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering. #### Severity Unknown #### References - [https://go.dev/issue/79574](https://go.dev/issue/79574) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) - [https://go.dev/cl/781703](https://go.dev/cl/781703) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5029) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Invoking duplicate attributes can cause XSS in golang.org/x/net/html [CVE-2026-27136](https://nvd.nist.gov/vuln/detail/CVE-2026-27136) / [GO-2026-5030](https://pkg.go.dev/vuln/GO-2026-5030) <details> <summary>More information</summary> #### Details Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering. #### Severity Unknown #### References - [https://go.dev/issue/79575](https://go.dev/issue/79575) - [https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8](https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8) - [https://go.dev/cl/781685](https://go.dev/cl/781685) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2026-5030) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/1001 Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
861201541d |
fix(deps): update module golang.org/x/sys to v0.45.0 (#1000)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/sys](https://pkg.go.dev/golang.org/x/sys) | [`v0.44.0` → `v0.45.0`](https://cs.opensource.google/go/x/sys/+/refs/tags/v0.44.0...refs/tags/v0.45.0) |  |  | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE5MC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/1000 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
3d667c1594 |
chore(deps): update docker.gitea.com/gitea docker tag to v1.26.2 (#997)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker.gitea.com/gitea](https://github.com/go-gitea/gitea) | service | patch | `1.26.1` → `1.26.2` | --- ### Release Notes <details> <summary>go-gitea/gitea (docker.gitea.com/gitea)</summary> ### [`v1.26.2`](https://github.com/go-gitea/gitea/blob/HEAD/CHANGELOG.md#1262---2026-05-20) [Compare Source](https://github.com/go-gitea/gitea/compare/v1.26.1...v1.26.2) - SECURITY - fix(permissions): Fix reading permission ([#​37769](https://github.com/go-gitea/gitea/issues/37769)) - fix(actions): make artifact signature payloads unambiguous ([#​37707](https://github.com/go-gitea/gitea/issues/37707)) - fix: Unify public-only token filtering in API queries and repo access checks ([#​37118](https://github.com/go-gitea/gitea/issues/37118)) - fix: Add missed token scope checking ([#​37735](https://github.com/go-gitea/gitea/issues/37735)) - fix(oauth): bind token exchanges to the original client request ([#​37704](https://github.com/go-gitea/gitea/issues/37704)) - fix(oauth): strengthen PKCE validation and refresh token replay protection ([#​37706](https://github.com/go-gitea/gitea/issues/37706)) - fix(web): enforce token scopes on raw, media, and attachment downloads ([#​37698](https://github.com/go-gitea/gitea/issues/37698)) - fix(security): enforce wiki git writes and LFS token access at request time ([#​37695](https://github.com/go-gitea/gitea/issues/37695)) - feat(api): encrypt AWS creds ([#​37679](https://github.com/go-gitea/gitea/issues/37679)) - fix(deps): update dependency mermaid to v11.15.0 \[security], add e2e test - fix(packages): Add label for private and internal package and fix composor package source permission check ([#​37610](https://github.com/go-gitea/gitea/issues/37610)) - fix(git): Fix smart http request scope bug ([#​37583](https://github.com/go-gitea/gitea/issues/37583)) - Fix basic auth bug ([#​37503](https://github.com/go-gitea/gitea/issues/37503)) - Fix allow maintainer edit permission check ([#​37479](https://github.com/go-gitea/gitea/issues/37479)) ([#​37484](https://github.com/go-gitea/gitea/issues/37484)) - Fix URL sanitization to handle schemeless credentials ([#​37440](https://github.com/go-gitea/gitea/issues/37440)) ([#​37471](https://github.com/go-gitea/gitea/issues/37471)) - Fix attachment Content-Security-Policy ([#​37455](https://github.com/go-gitea/gitea/issues/37455)) ([#​37464](https://github.com/go-gitea/gitea/issues/37464)) - chore(deps): bump go-git/go-git/v5 to 5.19.0 ([#​37608](https://github.com/go-gitea/gitea/issues/37608)) - BUGFIXES - fix(pull): handle empty pull request files view to allow reviews ([#​37783](https://github.com/go-gitea/gitea/issues/37783)) - fix(markup): make RenderString never fail ([#​37779](https://github.com/go-gitea/gitea/issues/37779)) - fix: add natural sort to sortTreeViewNodes ([#​37772](https://github.com/go-gitea/gitea/issues/37772)) - fix: package creation unique conflict ([#​37774](https://github.com/go-gitea/gitea/issues/37774)) - fix!: add DEFAULT\_TITLE\_SOURCE setting for pull request title default behavior ([#​37465](https://github.com/go-gitea/gitea/issues/37465)) - fix: Allow direct commits for unprotected files with push restrictions ([#​37657](https://github.com/go-gitea/gitea/issues/37657)) - fix(actions): wrong assumption that run id always >= job id ([#​37737](https://github.com/go-gitea/gitea/issues/37737)) - fix(auth): set User-Agent on avatar fetch and sync avatar on link-account register ([#​37564](https://github.com/go-gitea/gitea/issues/37564)) ([#​37588](https://github.com/go-gitea/gitea/issues/37588)) - fix(actions): deadlock between PrepareRunAndInsert and UpdateTaskByState ([#​37692](https://github.com/go-gitea/gitea/issues/37692)) - fix(repo): /generate must sync the branch table for the new repo ([#​37693](https://github.com/go-gitea/gitea/issues/37693)) - build: Fix snap build (1.26) - fix(actions): run TransferLogs on UpdateLog{Rows:\[], NoMore:true} ([#​37631](https://github.com/go-gitea/gitea/issues/37631)) - fix show correct mergebase - fix: make clone URL respect public URL detection setting ([#​37615](https://github.com/go-gitea/gitea/issues/37615)) - fix: "run as root" check ([#​37622](https://github.com/go-gitea/gitea/issues/37622)) - chore(deps): update dependency go to v1.26.3 ([#​37601](https://github.com/go-gitea/gitea/issues/37601)) - Compare dropdown fails when selecting branch with no common merge-base ([#​37470](https://github.com/go-gitea/gitea/issues/37470)) - fix: treat email addresses case-insensitively ([#​37600](https://github.com/go-gitea/gitea/issues/37600)) - fix(actions): fix blank lines after ::endgroup:: ([#​37597](https://github.com/go-gitea/gitea/issues/37597)) - fix(actions): report individual step status in workflow job API response ([#​37592](https://github.com/go-gitea/gitea/issues/37592)) - fix: Invalid UTF-8 commit messages in JSON API responses ([#​37542](https://github.com/go-gitea/gitea/issues/37542)) - fix: use consistent GetUser family functions ([#​37553](https://github.com/go-gitea/gitea/issues/37553)) - fix(api): return 409 message instead of empty JSON for wrong commit id ([#​37572](https://github.com/go-gitea/gitea/issues/37572)) - fix(actions): prevent panic when workflow contains null jobs ([#​37570](https://github.com/go-gitea/gitea/issues/37570)) - Make ServeSetHeaders default to download attachment if filename exists ([#​37552](https://github.com/go-gitea/gitea/issues/37552)) ([#​37555](https://github.com/go-gitea/gitea/issues/37555)) - Fix(actions): validate workflow param to prevent 500 error ([#​37546](https://github.com/go-gitea/gitea/issues/37546)) ([#​37554](https://github.com/go-gitea/gitea/issues/37554)) - Don't unblock run-level-concurrency-blocked runs in the resolver ([#​37461](https://github.com/go-gitea/gitea/issues/37461)) ([#​37538](https://github.com/go-gitea/gitea/issues/37538)) - Fix(packages): use file names for generic web downloads ([#​37514](https://github.com/go-gitea/gitea/issues/37514)) ([#​37520](https://github.com/go-gitea/gitea/issues/37520)) - Fix merge autodetect can't close other PRs but only the last one when multiple PRs are pushed at once ([#​37512](https://github.com/go-gitea/gitea/issues/37512)) ([#​37516](https://github.com/go-gitea/gitea/issues/37516)) - Fix update branch protection order ([#​37508](https://github.com/go-gitea/gitea/issues/37508)) ([#​37513](https://github.com/go-gitea/gitea/issues/37513)) - Fix mCaptcha broken after Vite migration ([#​37492](https://github.com/go-gitea/gitea/issues/37492)) ([#​37509](https://github.com/go-gitea/gitea/issues/37509)) - Fix review submission from single-commit PR view ([#​37475](https://github.com/go-gitea/gitea/issues/37475)) ([#​37485](https://github.com/go-gitea/gitea/issues/37485)) - Fix scheduled action panic with null event payload ([#​37459](https://github.com/go-gitea/gitea/issues/37459)) ([#​37466](https://github.com/go-gitea/gitea/issues/37466)) - Make GetPossibleUserByID can handle deleted user ([#​37430](https://github.com/go-gitea/gitea/issues/37430)) ([#​37431](https://github.com/go-gitea/gitea/issues/37431)) - Remove excessive quote from terraform instructions ([#​37424](https://github.com/go-gitea/gitea/issues/37424)) ([#​37426](https://github.com/go-gitea/gitea/issues/37426)) - Fix color regressions, add `priority` color ([#​37417](https://github.com/go-gitea/gitea/issues/37417)) ([#​37421](https://github.com/go-gitea/gitea/issues/37421)) - MISC - Add CurrentURL template variable back ([#​37444](https://github.com/go-gitea/gitea/issues/37444)) ([#​37449](https://github.com/go-gitea/gitea/issues/37449)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODYuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4Ni4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/997 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
ef0dc62dd6 |
fix(deps): update module github.com/go-git/go-git/v5 to v5.19.1 (#996)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `v5.19.0` → `v5.19.1` |  |  | --- ### Release Notes <details> <summary>go-git/go-git (github.com/go-git/go-git/v5)</summary> ### [`v5.19.1`](https://github.com/go-git/go-git/releases/tag/v5.19.1) [Compare Source](https://github.com/go-git/go-git/compare/v5.19.0...v5.19.1) #### What's Changed - v5: plumbing: transport/ssh, Shell-quote path by [@​hiddeco](https://github.com/hiddeco) in [#​2068](https://github.com/go-git/go-git/pull/2068) - v5: git: submodule, Fix relative URL resolution by [@​hiddeco](https://github.com/hiddeco) in [#​2070](https://github.com/go-git/go-git/pull/2070) - v5: git: submodule, canonical remote for relative URLs by [@​hiddeco](https://github.com/hiddeco) in [#​2074](https://github.com/go-git/go-git/pull/2074) - v5: git: submodule, error on remote without URLs by [@​hiddeco](https://github.com/hiddeco) in [#​2078](https://github.com/go-git/go-git/pull/2078) - v5: plumbing: format/idxfile, Validate offset64 indices by [@​hiddeco](https://github.com/hiddeco) in [#​2084](https://github.com/go-git/go-git/pull/2084) - v5: \*: Reject malformed variable-length integers by [@​hiddeco](https://github.com/hiddeco) in [#​2092](https://github.com/go-git/go-git/pull/2092) - v5: plumbing: format/packfile, Tighten delta validation by [@​hiddeco](https://github.com/hiddeco) in [#​2091](https://github.com/go-git/go-git/pull/2091) - v5: Add `worktreeFilesystem` wrapper for worktree and hardening by [@​hiddeco](https://github.com/hiddeco) in [#​2100](https://github.com/go-git/go-git/pull/2100) - v5: config: validate submodule names by [@​hiddeco](https://github.com/hiddeco) in [#​2082](https://github.com/go-git/go-git/pull/2082) - build: Update module github.com/go-git/go-git/v5 to v5.19.0 \[SECURITY] (releases/v5.x) by [@​go-git-renovate](https://github.com/go-git-renovate)\[bot] in [#​2111](https://github.com/go-git/go-git/pull/2111) - v5: git: Allow MkdirAll on worktree-root paths by [@​hiddeco](https://github.com/hiddeco) in [#​2117](https://github.com/go-git/go-git/pull/2117) - v5: git: Stop validating symlink target paths by [@​pjbgf](https://github.com/pjbgf) in [#​2116](https://github.com/go-git/go-git/pull/2116) - v5: plumbing: format decoder input bounds and contracts by [@​hiddeco](https://github.com/hiddeco) in [#​2125](https://github.com/go-git/go-git/pull/2125) - plumbing: format/packfile, cap delta chain depth in parser by [@​pjbgf](https://github.com/pjbgf) in [#​2137](https://github.com/go-git/go-git/pull/2137) **Full Changelog**: <https://github.com/go-git/go-git/compare/v5.19.0...v5.19.1> </details> --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODIuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/996 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
techknowlogick
|
70c7ee11f2 | update renovate config | ||
|
techknowlogick
|
6134351048 | bump go deps v0.14.1 | ||
|
Renovate Bot
|
8be4dae66e |
fix(deps): update module github.com/go-authgate/sdk-go to v0.11.0 (#988)
Reviewed-on: https://gitea.com/gitea/tea/pulls/988 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
b8dcb8a442 |
fix(deps): update module golang.org/x/term to v0.43.0 (#989)
Reviewed-on: https://gitea.com/gitea/tea/pulls/989 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
01632d927e |
fix(deps): update module code.gitea.io/sdk/gitea to v0.25.1 (#991)
Reviewed-on: https://gitea.com/gitea/tea/pulls/991 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
1b79be7cea |
fix(deps): update module github.com/urfave/cli/v3 to v3.9.0 (#992)
Reviewed-on: https://gitea.com/gitea/tea/pulls/992 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Minjie Fang
|
2cc45f1cce |
fix(deps): update github.com/urfave/cli to v3.9.0 (#993)
Fix https://gitea.com/gitea/tea/issues/975 Reviewed-on: https://gitea.com/gitea/tea/pulls/993 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Minjie Fang <wingsallen@gmail.com> Co-committed-by: Minjie Fang <wingsallen@gmail.com> |
||
|
Minjie Fang
|
2b64762a32 |
Fix login edit to check config existence (#987)
Fix https://gitea.com/gitea/tea/issues/561 Reviewed-on: https://gitea.com/gitea/tea/pulls/987 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Minjie Fang <wingsallen@gmail.com> Co-committed-by: Minjie Fang <wingsallen@gmail.com> |
||
|
Carlos Grillet
|
19dd8b1b4b |
fix(deps): update module code.gitea.io/sdk/gitea to v0.25.0 (#984)
Bumping gitea SDK to version v0.25.0 Currently there is an issue when users try to use SSH to authenticate to a gitea server. The issue is already reported here #983 The problem was that `*gitea.HTTPSign` embeds `ssh.Signer` (not `ssh.AlgorithmSigner`). `httpsig v1.2.4` type-asserts the signer to `ssh.AlgorithmSigner` for RSA keys and panics because `*HTTPSign` doesn't expose `SignWithAlgorithm`. Fix: SDK v0.25.0 adds `SignWithAlgorithm` to `HTTPSign`, satisfying `ssh.AlgorithmSigner`. Reviewed-on: https://gitea.com/gitea/tea/pulls/984 Reviewed-by: techknowlogick <9+techknowlogick@noreply.gitea.com> Co-authored-by: Carlos Grillet <carlosbeta5000@gmail.com> Co-committed-by: Carlos Grillet <carlosbeta5000@gmail.com> |
||
|
cpamayo
|
f617f26da0 |
fix: pass the name flag value as the organization FullName (#832)
This change proposes that, when creating an organization using the CLI, the value provided in the `--name` parameter is used as the organization `FullName`. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/832 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: cpamayo <anderson.carl3@mayo.edu> Co-committed-by: cpamayo <anderson.carl3@mayo.edu> |
||
|
Minjie Fang
|
a5ecf06c2a |
Fix login edit to open one editor only (#977)
Fix https://gitea.com/gitea/tea/issues/906 Reviewed-on: https://gitea.com/gitea/tea/pulls/977 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Minjie Fang <wingsallen@gmail.com> Co-committed-by: Minjie Fang <wingsallen@gmail.com> |
||
|
Renovate Bot
|
e686e8d0bd |
fix(deps): update module github.com/go-authgate/sdk-go to v0.10.0 (#976)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-authgate/sdk-go](https://github.com/go-authgate/sdk-go) | `v0.9.0` → `v0.10.0` |  |  | --- ### Release Notes <details> <summary>go-authgate/sdk-go (github.com/go-authgate/sdk-go)</summary> ### [`v0.10.0`](https://github.com/go-authgate/sdk-go/releases/tag/v0.10.0) [Compare Source](https://github.com/go-authgate/sdk-go/compare/v0.9.0...v0.10.0) #### Changelog ##### Others - [`5b43693`](https://github.com/go-authgate/sdk-go/commit/5b436935ca0c587301754ee8e43dc04329b34623): feat(jwksauth)!: align with upstream JWT\_PRIVATE\_CLAIM\_PREFIX ([#​27](https://github.com/go-authgate/sdk-go/issues/27)) ([@​appleboy](https://github.com/appleboy)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNjAuNiIsInVwZGF0ZWRJblZlciI6IjQzLjE2MC42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/976 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
ghainer
|
22ff601988 |
feat: add additional admin users subcommands (#842)
## Summary Adds admin user management commands to the tea CLI, enabling admins to create, edit, and delete user accounts. ## Features Added ### Admin User Management Commands - **Create users**: `tea admin users create` - Create new user accounts with configurable options - **Edit users**: `tea admin users edit <username>` - Update user properties including password, permissions, and profile settings - **Delete users**: `tea admin users delete <username>` - Remove user accounts with confirmation prompt ### Implementation Details #### Create Command (`admin users create`) - Required: username - Optional: email, full name, password - Flags: admin, restricted, prohibit-login, visibility - Password input: command-line flag, file, stdin, or interactive prompt with confirmation - Default: users must change password on first login (use `--no-must-change-password` to skip) - Post-creation updates for admin/restricted/prohibit-login (not available during creation) #### Edit Command (`admin users edit`) - Updates only explicitly provided fields (partial updates) - Password change support with the same input methods as create - Editable fields: - Profile: email, full name, description, website, location - Permissions: admin/restricted/active status - Settings: visibility, max repo creation limits - Advanced: git hooks, local imports, organization creation - Default: password changes require password change on next login (use `--no-must-change-password` to skip) #### Delete Command (`admin users delete`) - Confirmation prompt by default - `--confirm` flag to skip confirmation - Displays user details before deletion ### Security Features - Secure password input via interactive prompts (hidden input) - Multiple password input methods: flag, file, stdin, interactive - Password confirmation for interactive mode - Whitespace trimming for file/stdin inputs ### Password Input Methods 1. **Command-line flag**: `--password <value>` 2. **File input**: `--password-file <file>` - Read from file 3. **Stdin input**: `--password-stdin` - Read from stdin 4. **Interactive prompt**: Automatically prompts if password not provided (with confirmation) For edit command: Use `--password=""` to trigger interactive prompt. ## Usage Examples ```bash # Create a new user tea admin users create --username john --email john@example.com --admin --no-must-change-password # Create with interactive password prompt tea admin users create jane --email jane@example.com # Edit user properties tea admin users edit john --email newemail@example.com --restricted # Change user password (will prompt if not provided) tea admin users edit john --password="" tea admin users edit john --password-file /path/to/password.txt # Delete a user (with confirmation) tea admin users delete olduser # Delete without confirmation tea admin users delete olduser --confirm ``` ## Related Issue Resolves #161 ## Testing - Unit tests for all commands - Flag validation and default value tests - Password input method tests (file, stdin, interactive) - Test coverage for all user option structures - Confirmation logic tests for delete command ## Technical Details - Uses Gitea SDK `AdminCreateUser`, `AdminEditUser`, and `AdminDeleteUser` APIs - Follows existing tea CLI patterns and conventions - Handles fields not available during creation via post-creation updates - Partial update support for edit command (only updates explicitly set fields) - Consistent with other tea commands (webhooks, secrets) in password handling and confirmation patterns All tests pass and the implementation integrates with existing tea CLI infrastructure. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/842 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: ghainer <gehainer@gmail.com> Co-committed-by: ghainer <gehainer@gmail.com> |
||
|
Brandon Fryslie
|
9d6ae4bf02 |
feat(ssh-keys): add ssh-keys command to manage SSH public keys (#940)
## Summary - Adds `tea ssh-keys` command group (aliases: `ssh-key`, `keys`) under the SETUP category - Mirrors the interface of `gh ssh-key add/list/delete` - Three subcommands: `add <keyfile>`, `list`, `delete <id>` ## Commands \`\`\`sh tea ssh-keys add ~/.ssh/id_ed25519.pub # title defaults to filename stem tea ssh-keys add ~/.ssh/id_rsa.pub --title "work laptop" tea ssh-keys add ~/.ssh/deploy.pub --read-only # authentication-only key tea ssh-keys list tea ssh-keys list --output json tea ssh-keys delete 42 # prompts for confirmation tea ssh-keys delete 42 --force # skip prompt \`\`\` ## Test plan - [x] `make lint` — 0 issues - [x] `make fmt-check` — passes - [x] `go test ./cmd/sshkeys/... -run TestKeyTitle` — unit tests pass (no server needed) - [ ] Integration tests with live Gitea instance: \`\`\`sh GITEA_TEA_TEST_URL=https://your-gitea \ GITEA_TEA_TEST_TOKEN=<token> \ go test ./cmd/sshkeys/... -v -run TestSSHKey \`\`\` Exercises full add → SDK-verify → delete → 404-verify lifecycle. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Brandon Fryslie <530235+brandon-fryslie@users.noreply.github.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/940 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Brandon Fryslie <186614+brandroid@noreply.gitea.com> Co-committed-by: Brandon Fryslie <186614+brandroid@noreply.gitea.com> |
||
|
Matěj Cepl
|
2985824ab0 |
Multiple PRs (#848)
This is an effort to allow tea pr review to work with multiple reviews. Fixes: #847 Reviewed-on: https://gitea.com/gitea/tea/pulls/848 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Matěj Cepl <mcepl@cepl.eu> Co-committed-by: Matěj Cepl <mcepl@cepl.eu> |
||
|
Lunny Xiao
|
83b718ac34 |
Move integration tests to tests/ directory (#973)
Reviewed-on: https://gitea.com/gitea/tea/pulls/973 |
||
|
Renovate Bot
|
1f6fd97fc1 |
fix(deps): update module github.com/go-authgate/sdk-go to v0.9.0 (#974)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-authgate/sdk-go](https://github.com/go-authgate/sdk-go) | `v0.8.0` → `v0.9.0` |  |  | --- ### Release Notes <details> <summary>go-authgate/sdk-go (github.com/go-authgate/sdk-go)</summary> ### [`v0.9.0`](https://github.com/go-authgate/sdk-go/releases/tag/v0.9.0) [Compare Source](https://github.com/go-authgate/sdk-go/compare/v0.8.0...v0.9.0) #### Changelog ##### Documentation updates - [`86d33f3`](https://github.com/go-authgate/sdk-go/commit/86d33f315c3eddfe92f37e4d8b3ac30afbc0ef72): docs(jwksauth): tighten readme table column widths ([@​appleboy](https://github.com/appleboy)) ##### Others - [`545d96f`](https://github.com/go-authgate/sdk-go/commit/545d96fd43d8a6e6bc76a3c6b28683ffa3eace06): refactor(jwksauth)!: rename Tenant to Domain and add Tenant sub-claim ([#​25](https://github.com/go-authgate/sdk-go/issues/25)) ([@​appleboy](https://github.com/appleboy)) - [`1e73580`](https://github.com/go-authgate/sdk-go/commit/1e73580c87f2be874101c4ccc02f3dd1ceb17c53): feat(jwksauth)!: adopt slog-style Logger interface ([#​24](https://github.com/go-authgate/sdk-go/issues/24)) ([@​appleboy](https://github.com/appleboy)) - [`7af1bc4`](https://github.com/go-authgate/sdk-go/commit/7af1bc463714a2c4e6aea1741c87b20fdbba21ce): test(jwksauth): fix stale Tenant references in policy reject test ([#​26](https://github.com/go-authgate/sdk-go/issues/26)) ([@​appleboy](https://github.com/appleboy)) </details> --- Reviewed-on: https://gitea.com/gitea/tea/pulls/974 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
27e6083e23 |
fix(deps): update module github.com/go-authgate/sdk-go to v0.8.0 (#972)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/go-authgate/sdk-go](https://github.com/go-authgate/sdk-go) | `v0.7.0` → `v0.8.0` |  |  | --- ### Release Notes <details> <summary>go-authgate/sdk-go (github.com/go-authgate/sdk-go)</summary> ### [`v0.8.0`](https://github.com/go-authgate/sdk-go/releases/tag/v0.8.0) [Compare Source](https://github.com/go-authgate/sdk-go/compare/v0.7.0...v0.8.0) #### Changelog ##### Refactor - [`62ccff0`](https://github.com/go-authgate/sdk-go/commit/62ccff06c837abe9c9cd6d8411525e3d25344cf1): refactor(jwksauth): share OIDC discovery and drop tenant cache ([#​23](https://github.com/go-authgate/sdk-go/issues/23)) ([@​appleboy](https://github.com/appleboy)) - [`088ee3b`](https://github.com/go-authgate/sdk-go/commit/088ee3bd2d5f891c03d27212a6ed5283b1434282): refactor(sdk): harden HTTP reads and improve code quality ([#​18](https://github.com/go-authgate/sdk-go/issues/18)) ([@​appleboy](https://github.com/appleboy)) - [`aa17bc2`](https://github.com/go-authgate/sdk-go/commit/aa17bc2373b675b0f0882672706c66a0f523b05f): refactor: simplify oauth client and token source flows ([#​22](https://github.com/go-authgate/sdk-go/issues/22)) ([@​appleboy](https://github.com/appleboy)) </details> --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/972 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Lunny Xiao
|
5d2d1a6e0c |
fix(webhook): Fix when creating webhook, branch filter and auth header cannot be added (#964)
Fix #963 Reviewed-on: https://gitea.com/gitea/tea/pulls/964 |
||
|
Oleksii Zaremskyi
|
88421bb888 |
fix: read --assignee flag value instead of nonexistent --assigned-to (#971)
## What this PR does
`tea issues list --assignee USERNAME` currently returns every issue regardless of the assignee value — even nonexistent users return a full unfiltered list. Discovered against **tea v0.14.0** (with go-sdk v0.24.1) and reproduced on current `master` (commit `dd81b33`). This PR fixes that.
## Root cause
Two distinct bugs on the same flag, both in `cmd/issues/list.go`:
1. **Per-repo path** (`tea issues list --repo OWNER/REPO --assignee USER`): the code reads `ctx.String("assigned-to")` for `AssignedBy`, but the flag is defined as `--assignee` in `cmd/flags/issue_pr.go:66`. The lookup always returns `""`, so the SDK omits the `assigned_by` query parameter and the API returns everything.
2. **Global path** (`tea issues list --assignee USER`, no `--repo`): this hits `/repos/issues/search`, which silently ignores `assigned_by`. Even after fix #1 the no-repo form would still return unfiltered results. Verified directly:
- `GET /repos/issues/search?assigned_by=USER&owner=ORG&state=open` → all open issues
- `GET /repos/issues/search?assigned=true&owner=ORG&state=open` → only the issues assigned to the authenticated user
The endpoint only supports `assigned=true` (boolean self-filter), not arbitrary-user filtering, and `ListIssueOption` doesn't expose that field. Rather than misleading the caller, the no-repo path now returns a clear error.
## Changes
Both changes are in `cmd/issues/list.go`:
1. Read `ctx.String("assignee")` instead of the non-existent flag name `"assigned-to"` (lines 80 and 97).
2. In the no-`--repo` branch, return `errors.New("--assignee requires --repo (...)")` when the flag is set.
`cmd/pulls/list.go` does not expose an assignee filter, so it's unaffected. The `--author` mapping (`CreatedBy ← ctx.String("author")`) was already correct and is the model the fix follows.
## Manual verification
Tested against a local Gitea instance with three open issues (only one assigned to the test user):
| Command | Before | After |
|---|---|---|
| `tea issues list --repo X --assignee me` | all 3 | only the 1 assigned ✓ |
| `tea issues list --repo X --assignee nonexistent` | all 3 | `Error: not found` ✓ |
| `tea issues list --repo X --author me` | only the 1 (control) | unchanged ✓ |
| `tea issues list --assignee me` (no `--repo`) | all 3 (silent) | clear error ✓ |
| `tea issues list` (no flags) | all 3 | unchanged ✓ |
---------
Co-authored-by: claude_1 <claude_1@bot.gqx.lol>
Reviewed-on: https://gitea.com/gitea/tea/pulls/971
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Oleksii Zaremskyi <grossqx@gmail.com>
Co-committed-by: Oleksii Zaremskyi <grossqx@gmail.com>
|
||
|
Wesley Moore
|
dd81b33cec |
Fix man page section (#969)
Co-authored-by: Wesley Moore <wes@wezm.net> Co-committed-by: Wesley Moore <wes@wezm.net> |
||
|
Renovate Bot
|
b100d4c939 |
fix(deps): update module github.com/go-authgate/sdk-go to v0.7.0 (#970)
Reviewed-on: https://gitea.com/gitea/tea/pulls/970 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
892905d482 |
chore(deps): update docker.gitea.com/gitea docker tag to v1.26.1 (#968)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker.gitea.com/gitea](https://github.com/go-gitea/gitea) | service | patch | `1.26.0` → `1.26.1` | --- ### Release Notes <details> <summary>go-gitea/gitea (docker.gitea.com/gitea)</summary> ### [`v1.26.1`](https://github.com/go-gitea/gitea/releases/tag/v1.26.1) [Compare Source](https://github.com/go-gitea/gitea/compare/v1.26.0...v1.26.1) - BUGFIXES \* Add event.schedule context for schedule actions task ([#​37320](https://github.com/go-gitea/gitea/issues/37320)) ([#​37348](https://github.com/go-gitea/gitea/issues/37348)) \* Fix an issue where changing an organization's visibility caused problems when users had forked its repositories. ([#​37324](https://github.com/go-gitea/gitea/issues/37324)) ([#​37344](https://github.com/go-gitea/gitea/issues/37344)) \* Use modern "git update-index --cacheinfo" syntax to support more file names ([#​37338](https://github.com/go-gitea/gitea/issues/37338)) ([#​37343](https://github.com/go-gitea/gitea/issues/37343)) \* Fix URL related escaping for oauth2 ([#​37334](https://github.com/go-gitea/gitea/issues/37334)) ([#​37340](https://github.com/go-gitea/gitea/issues/37340)) \* When the requested arch rpm is missing fall back to noarch ([#​37236](https://github.com/go-gitea/gitea/issues/37236)) ([#​37339](https://github.com/go-gitea/gitea/issues/37339)) \* Fix actions concurrency groups cross-branch leak ([#​37311](https://github.com/go-gitea/gitea/issues/37311)) ([#​37331](https://github.com/go-gitea/gitea/issues/37331)) \* Fix bug when accessing user badges ([#​37321](https://github.com/go-gitea/gitea/issues/37321)) ([#​37329](https://github.com/go-gitea/gitea/issues/37329)) \* Fix AppFullLink ([#​37325](https://github.com/go-gitea/gitea/issues/37325)) ([#​37328](https://github.com/go-gitea/gitea/issues/37328)) \* Fix container auth for public instance ([#​37290](https://github.com/go-gitea/gitea/issues/37290)) ([#​37294](https://github.com/go-gitea/gitea/issues/37294)) \* Enhance GetActionWorkflow to support fallback references ([#​37189](https://github.com/go-gitea/gitea/issues/37189)) ([#​37283](https://github.com/go-gitea/gitea/issues/37283)) \* Fix vite manifest update masking build errors ([#​37279](https://github.com/go-gitea/gitea/issues/37279)) ([#​37310](https://github.com/go-gitea/gitea/issues/37310)) \* Fix Mermaid diagrams failing when node labels contain line breaks ([#​37296](https://github.com/go-gitea/gitea/issues/37296)) ([#​37299](https://github.com/go-gitea/gitea/issues/37299)) \* Use TriggerEvent instead of Event in workflow runs API response for scheduled runs ([#​37288](https://github.com/go-gitea/gitea/issues/37288)) [#​37360](https://github.com/go-gitea/gitea/issues/37360) \* Add URL to Learn more about blocking a user. ([#​37355](https://github.com/go-gitea/gitea/issues/37355)) [#​37367](https://github.com/go-gitea/gitea/issues/37367) \* Fix button layout shift when collapsing file tree in editor ([#​37363](https://github.com/go-gitea/gitea/issues/37363)) [#​37375](https://github.com/go-gitea/gitea/issues/37375) \* Fix org team assignee/reviewer lookups for team member permissions ([#​37365](https://github.com/go-gitea/gitea/issues/37365)) [#​37391](https://github.com/go-gitea/gitea/issues/37391) \* Fix repo init README EOL ([#​37388](https://github.com/go-gitea/gitea/issues/37388)) [#​37399](https://github.com/go-gitea/gitea/issues/37399) \* Fix: dump with default zip type produces uncompressed zip ([#​37401](https://github.com/go-gitea/gitea/issues/37401))[#​37402](https://github.com/go-gitea/gitea/issues/37402) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE0MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/968 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Alain Thiffault
|
5103496232 |
fix(pagination): replace Page:-1 with explicit pagination loops (#967)
## Summary \`Page: -1\` in the Gitea SDK calls \`setDefaults()\` which sets both \`Page=0\` and \`PageSize=0\`, resulting in \`?page=0&limit=0\` being sent to the server. The server interprets \`limit=0\` as "use server default" (typically 30 items via \`DEFAULT_PAGING_NUM\`), not "return everything". Any resource beyond the first page of results was silently invisible. This affected 8 call sites, with the most user-visible impact being \`tea issues edit --add-labels\` and \`tea pulls edit --add-labels\` silently failing to apply labels on repositories with more than ~30 labels. ## Affected call sites | File | API call | User-visible impact | |---|---|---| | \`modules/task/labels.go\` | \`ListRepoLabels\` | \`issues/pulls edit --add-labels\` fails silently | | \`modules/interact/issue_create.go\` | \`ListRepoLabels\` | interactive label picker missing labels | | \`modules/task/pull_review_comment.go\` | \`ListPullReviews\` | review comments truncated | | \`modules/task/login_ssh.go\` | \`ListMyPublicKeys\` | SSH key auto-detection fails | | \`modules/task/login_create.go\` | \`ListAccessTokens\` | token name deduplication misses existing tokens | | \`cmd/pulls.go\` | \`ListPullReviews\` | PR detail view missing reviews | | \`cmd/releases/utils.go\` | \`ListReleases\` | tag lookup fails on repos with many releases | | \`cmd/attachments/delete.go\` | \`ListReleaseAttachments\` | attachment deletion fails when many attachments exist | ## Fix Each call site is replaced with an explicit pagination loop that follows \`resp.NextPage\` until all pages are exhausted. Reviewed-on: https://gitea.com/gitea/tea/pulls/967 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Alain Thiffault <athiffau@effectivemomentum.com> Co-committed-by: Alain Thiffault <athiffau@effectivemomentum.com> |
||
|
Nicolas
|
a58c35c3e2 |
fix(cmd): Update CmdRepos description and usage in repos.go (#946)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/946 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Nicolas <bircni@icloud.com> Co-committed-by: Nicolas <bircni@icloud.com> |
||
|
Matěj Cepl
|
783ac7684a |
fix(context): skip local repo detection for repo slugs (#960)
Treat explicit --repo slugs as remote targets so commands do not probe the current worktree. This avoids SHA256 repository failures when local git autodetection is unnecessary. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/960 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Matěj Cepl <mcepl@cepl.eu> Co-committed-by: Matěj Cepl <mcepl@cepl.eu> |
||
|
Renovate Bot
|
d0b7ea09e8 |
fix(deps): update module charm.land/lipgloss/v2 to v2.0.3 (#959)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [charm.land/lipgloss/v2](https://github.com/charmbracelet/lipgloss) | `v2.0.2` → `v2.0.3` |  |  | --- ### Release Notes <details> <summary>charmbracelet/lipgloss (charm.land/lipgloss/v2)</summary> ### [`v2.0.3`](https://github.com/charmbracelet/lipgloss/releases/tag/v2.0.3) [Compare Source](https://github.com/charmbracelet/lipgloss/compare/v2.0.2...v2.0.3) #### Changelog ##### Fixed - [`472d718`](https://github.com/charmbracelet/lipgloss/commit/472d718e2314596549bee2c0c8ccf8beea5f25ae): fix: Avoid background color query hang ([#​636](https://github.com/charmbracelet/lipgloss/issues/636)) ([@​jedevc](https://github.com/jedevc)) ##### Docs - [`9e39a0a`](https://github.com/charmbracelet/lipgloss/commit/9e39a0ad4f4fc779d620f17783cee3494da6ae29): docs: fix README typo ([#​629](https://github.com/charmbracelet/lipgloss/issues/629)) ([@​Rohan5commit](https://github.com/Rohan5commit)) - [`cd93a9f`](https://github.com/charmbracelet/lipgloss/commit/cd93a9f5d2e3cb151da83150db29751d92585d23): docs: fix tree comment typo ([#​634](https://github.com/charmbracelet/lipgloss/issues/634)) ([@​Rohan5commit](https://github.com/Rohan5commit)) *** <a href="https://charm.land/"><img alt="The Charm logo" src="https://stuff.charm.sh/charm-banner-next.jpg" width="400"></a> Thoughts? Questions? We love hearing from you. Feel free to reach out on [X](https://x.com/charmcli), [Discord](https://charm.land/discord), [Slack](https://charm.land/slack), [The Fediverse](https://mastodon.social/@​charmcli), [Bluesky](https://bsky.app/profile/charm.land). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMTEuMCIsInVwZGF0ZWRJblZlciI6IjQzLjExMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/959 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
20914a1375 |
fix(deps): update module github.com/go-git/go-git/v5 to v5.18.0 (#961)
Reviewed-on: https://gitea.com/gitea/tea/pulls/961 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Renovate Bot
|
3c1c9b2904 |
chore(deps): update docker.gitea.com/gitea docker tag to v1.26.0 (#962)
Reviewed-on: https://gitea.com/gitea/tea/pulls/962 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com> |
||
|
Matěj Cepl
|
63bc90ea52 |
feat(branches): add rename subcommand (#939)
Implements the 'branches rename' command to rename a branch in a repository.
This wraps the Gitea API endpoint PATCH /repos/{owner}/{repo}/branches/{branch}.
Usage: tea branches rename <old_branch_name> <new_branch_name>
Example: tea branches rename -r owner/repo main factory
This resolves issue #938.
Reviewed-on: https://gitea.com/gitea/tea/pulls/939
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Matěj Cepl <mcepl@cepl.eu>
Co-committed-by: Matěj Cepl <mcepl@cepl.eu>
v0.14.0
|
||
|
Bo-Yi Wu
|
9e0a6203ae |
feat(pulls): add ci status field to pull request list (#956)
## Summary - Add `"ci"` as a new selectable field for `tea pr list --fields`, allowing users to see CI status across multiple PRs at a glance - Fetch CI status via `GetCombinedStatus` API **only when the `ci` field is explicitly requested** via `--fields`, avoiding unnecessary API calls in default usage - Improve CI status display in both detail and list views: - **Detail view** (`tea pr <index>`): show each CI check with symbol, context name, description, and clickable link to CI run - **List view** (`tea pr list --fields ci`): show symbol + context name per CI check (e.g., `✓ lint, ⏳ build, ❌ test`) - **Machine-readable output**: return raw state string (e.g., `success`, `pending`) - Replace pending CI symbol from `⭮` to `⏳` for better readability - Extract `formatCIStatus` helper and reuse it in `PullDetails` to reduce code duplication - Add comprehensive tests for CI status formatting and PR list integration ## Detail View Example ``` - CI: - ✓ [**lint**](https://ci.example.com/lint): Lint passed - ⏳ [**build**](https://ci.example.com/build): Build is running - ❌ [**test**](https://ci.example.com/test): 3 tests failed ``` ## List View Example ``` INDEX TITLE STATE CI 123 Fix bug open ✓ lint, ⏳ build, ❌ test ``` ## Usage ```bash # Show CI status column in list tea pr list --fields index,title,state,ci # Default output is unchanged (no CI column, no extra API calls) tea pr list ``` ## Files Changed - `cmd/pulls/list.go` — conditionally fetch CI status per PR when `ci` field is selected - `modules/print/pull.go` — add `ci` field, `formatCIStatus` helper, improve detail/list CI display - `modules/print/pull_test.go` — comprehensive tests for CI status formatting ## Test plan - [x] `go build ./...` passes - [x] `go test ./...` passes (11 new tests) - [x] `tea pr list` — default output unchanged, no extra API calls - [x] `tea pr list --fields index,title,state,ci` — CI column with context names - [x] `tea pr <index>` — CI section shows each check with name, description, and link - [x] `tea pr list --fields ci -o csv` — machine-readable output shows raw state strings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://gitea.com/gitea/tea/pulls/956 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com> Co-committed-by: Bo-Yi Wu <appleboy.tw@gmail.com> |
||
|
Bo-Yi Wu
|
84ecd16f9c |
fix(deps): update Go dependencies to latest versions (#955)
## Summary - Upgrade all Go module dependencies to their latest versions - Includes updates to charm.land, golang.org/x, goldmark, go-crypto, and other indirect dependencies - Project builds cleanly with all updates ## Test plan - [x] `go build ./...` passes - [x] CI pipeline passes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://gitea.com/gitea/tea/pulls/955 Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com> Co-committed-by: Bo-Yi Wu <appleboy.tw@gmail.com> |
||
|
Bo-Yi Wu
|
53e53e1067 |
feat(workflows): add dispatch, view, enable and disable subcommands (#952)
## Summary - Add `tea actions workflows dispatch` to trigger `workflow_dispatch` events with `--ref`, `--input key=value`, and `--follow` for log tailing - Add `tea actions workflows view` to show workflow details - Add `tea actions workflows enable` and `disable` to toggle workflow state - Rewrite `workflows list` to use the Workflow API instead of file listing - Remove dead `WorkflowsList` print function that used `ContentsResponse` - Update `CLI.md` and `example-workflows.md` with usage documentation and examples ## Motivation Enable re-triggering specific workflows from the CLI, which is essential for AI-driven PR flows where a specific workflow needs to be re-run after pushing changes. Leverages the 5 workflow API endpoints already supported by the Go SDK (v0.24.1) from go-gitea/gitea#33545: - `ListRepoActionWorkflows` - `GetRepoActionWorkflow` - `DispatchRepoActionWorkflow` (with `returnRunDetails` support) - `EnableRepoActionWorkflow` - `DisableRepoActionWorkflow` ## New commands \`\`\` tea actions workflows ├── list (rewritten to use Workflow API) ├── view <id> (new) ├── dispatch <id> (new) ├── enable <id> (new) └── disable <id> (new) \`\`\` ### Usage examples \`\`\`bash # Dispatch workflow on current branch tea actions workflows dispatch deploy.yml # Dispatch with specific ref and inputs tea actions workflows dispatch deploy.yml --ref main --input env=staging --input version=1.2.3 # Dispatch and follow logs tea actions workflows dispatch ci.yml --ref feature/my-pr --follow # View workflow details tea actions workflows view deploy.yml # Enable/disable workflows tea actions workflows enable deploy.yml tea actions workflows disable deploy.yml --confirm \`\`\` ## Test plan - [x] `go build ./...` passes - [x] `go test ./...` passes - [x] `go vet ./...` passes - [x] `make lint` — 0 issues - [x] `make docs-check` — CLI.md is up to date - [x] Manual test: `tea actions workflows list` shows workflows from API - [x] Manual test: `tea actions workflows dispatch <workflow> --ref main` triggers a run - [x] Manual test: `tea actions workflows view <workflow>` shows details --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/tea/pulls/952 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com> Co-committed-by: Bo-Yi Wu <appleboy.tw@gmail.com> |
