Adds a "Move to Vault" button to the file view toolbar that allows
developers to move sensitive files directly into encrypted Vault storage.
Features:
- Button appears next to Edit/Delete when Vault plugin is loaded
- Confirmation page shows file details and warnings
- File is encrypted and stored in Vault as type "file"
- File is then deleted from the repository with a commit
- 50MB file size limit for vault storage
Files added:
- routers/web/repo/vault_move.go - Handler for move-to-vault action
- templates/repo/editor/move_to_vault.tmpl - Confirmation page
Files modified:
- routers/web/repo/view_file.go - Added CanMoveToVault permission check
- templates/repo/view_file.tmpl - Added Move to Vault button
- routers/web/web.go - Registered /_move-to-vault/* route
- services/forms/repo_form_editor.go - Added MoveToVaultForm
- options/locale/locale_en-US.json - Added translation keys
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds optional group_header field to organizations for categorizing them on the explore page (e.g., "Enterprise", "Community", "Partners"). Includes database migration, organization settings form field, and grouped display template. Groups are sorted alphabetically with ungrouped organizations shown last. Users can toggle grouping view with show_groups parameter.
Adds a GroupHeader field to repositories allowing them to be grouped under custom headers on organization pages. Includes database migration v333, form handling, and grouped/ungrouped view toggle in the UI.
Go's semantic import versioning requires v2+ modules to include the
major version in the module path. This enables using proper version
tags (v3.x.x) instead of pseudo-versions.
Updated module path: code.gitcaddy.com/server/v3
- Add AI Learning admin section for viewing/editing error patterns
- Add server status tiles to admin dashboard (CPU load, memory, disk)
- Auto-refresh dashboard tiles using HTMX
- Fix error template text (GitCaddy Server)
- Dark mode compatibility for all new UI elements
🤖 Generated with Claude Code
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add repository display title field shown in header and explore listings
- Add license settings page with predefined license types
- Auto-create LICENSE.md when license type is selected
- Show license in repo sidebar with link to LICENSE.md
- Add API header link option in theme settings
- Default explore/organizations sort to alphabetical
- Show org DisplayName only in /explore/organizations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add customizable homepage title and tagline via admin theme settings
- Add ability for site admins to pin organizations to homepage
- Add pinned organization display format option (condensed/regular)
- Hide promotional text when pinned organizations are displayed
- Add database migration for is_homepage_pinned column
- Add custom site icon support for favicon and navbar
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- New files: Copyright 2026 MarketAlly
- Modified files: Copyright YYYY The Gitea Authors and MarketAlly
🤖 Generated with Claude Code
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add ShowHeatmapOnProfile field to user model
- Add checkbox in user settings under privacy section
- Display heatmap on profile overview page when enabled
- Users can now show their contribution activity on their profile
🤖 Generated with Claude Code
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This pull request adds an option to automatically verify SSH keys from
LDAP authentication sources.
This allows a correct authentication and verification workflow for
LDAP-enabled organizations; under normal circumstances SSH keys in LDAP
are not managed by users manually.
Similar to GitHub, release notes can now be generated automatically.
The generator is server-side and gathers the merged PRs and contributors
and returns the corresponding Markdown text.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#880
Design:
1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This pull request adds a GitHub-compatible API endpoint to lock and
unlock an issue.
The following routes exist now:
- `PUT /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to lock an issue
- `DELETE /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to unlock an issue
Fixes#33677Fixes#20012
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix#2616
This PR adds a new sort option for exclusive labels.
For exclusive labels, a new property is exposed called "order", while in
the UI options are populated automatically in the `Sort` column (see
screenshot below) for each exclusive label scope.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Follow #33127Fix#8649, fix#639
This is a complete solution. A repo unit could be set to:
* Anonymous read (non-signed-in user)
* Everyone read (signed-in user)
* Everyone write (wiki-only)
Extract from #33320
This PR uses a map instead of a struct to store webhook event
information. It removes many duplicated functions and makes the logic
clearer.
Found while investigating #33210.
This line no longer makes sense because the form field "TagName" is
required, so this would mean that this code path would never be covered.
Because it isn't covered, we end up going down the "update release"
logic where we eventually set `Release.IsTag` to false (meaning it will
now be treated as a release instead of a tag).
This snapshot rewrites the condition to ensure that we aren't trying to
create a tag that already exists.
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This fixes a TODO in the code to validate the RedirectURIs when adding
or editing an OAuth application in user settings.
This also includes a refactor of the user settings tests to only create
the DB once per top-level test to avoid reloading fixtures.
## Solves
Currently for rules to re-order them you have to alter the creation
date. so you basicly have to delete and recreate them in the right
order. This is more than just inconvinient ...
## Solution
Add a new col for prioritization
## Demo WebUI Video
https://github.com/user-attachments/assets/92182a31-9705-4ac5-b6e3-9bb74108cbd1
---
*Sponsored by Kithara Software GmbH*
Follow #32460
Now the code could be much clearer than before and easier to maintain. A
lot of legacy code is removed.
Manually tested.
This PR is large enough, that fine tunes could be deferred to the future if
there is no bug found or design problem.
Screenshots:
<details>
</details>
This introduces a new flag `BlockAdminMergeOverride` on the branch
protection rules that prevents admins/repo owners from bypassing branch
protection rules and merging without approvals or failing status checks.
Fixes#17131
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
