Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
99 Commits 2 Branches 1 Tag
dev
Commit Graph

7 Commits

Author SHA1 Message Date
Latte 385b442b6f docs: local vs server quickstart, authz model, packaging 
Reframe the README around two transports and add a local stdio quickstart with
uvx/pip and Claude Desktop / Claude Code wiring. New docs: local-quickstart.md
and packaging.md (uv build/publish). Document resource-type-aware authorization
and classified gitea_request in security.md; stdio env vars + audit-log
fallback in configuration.md; local install in deployment.md; core+adapters in
architecture.md. Add the missing root AGENTS.md contract, update CLAUDE.md with
the core/adapter layout, fail-closed invariants, and the branching flow
(HEAD -> feature -> dev -> main). Update roadmap/todo and .env.example.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-27 11:17:01 +02:00
Latte b8217dce8a feat: harden OAuth state secret validation, DCR file permissions, and policy defaults
docker / test (pull_request) Successful in 24s
Details
lint / lint (pull_request) Successful in 37s
Details
lint / lint (push) Successful in 1m26s
Details
test / test (push) Successful in 1m40s
Details
test / test (pull_request) Successful in 34s
Details
docker / lint (pull_request) Successful in 1m59s
Details
docker / docker-test (pull_request) Successful in 14s
Details
docker / docker-publish (pull_request) Has been skipped
Details 
- Enforce 32-char minimum on OAUTH_STATE_SECRET at startup (config.py)
- Write DCR client registry with owner-only (0o600) permissions before atomic replace
- Flip policy.yaml default write action from allow → deny
- Add CLAUDE.md with architecture, commands, and AGENTS.md contract summary
- Add .pre-commit-config.yaml mirroring `make lint` checks
- Update .gitignore: add .venv, .claude, .mypy_cache, .ruff_cache, .coverage.*
- Extend docs: audit log rotation guidance, OAUTH_STATE_SECRET and DCR_STORAGE_PATH notes
- Tests: short-secret rejection, 32-char acceptance, POSIX permission check for DCR store

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-14 14:13:22 +02:00
Latte b275f5c0c2 docs: retarget setup to Claude connectors
test / test (push) Has been cancelled
Details
lint / lint (push) Has been cancelled
Details
docker / test (pull_request) Successful in 13s
Details
docker / lint (pull_request) Successful in 2m3s
Details
lint / lint (pull_request) Successful in 16s
Details
test / test (pull_request) Successful in 14s
Details
docker / docker-test (pull_request) Successful in 42s
Details
docker / docker-publish (pull_request) Has been skipped
Details
2026-06-13 21:05:21 +02:00
Latte c79cc1ab9e Add PUBLIC_BASE_URL and refine OAuth scopes
docker / lint (push) Has been cancelled
Details
docker / test (push) Has been cancelled
Details
docker / docker-build (push) Has been cancelled
Details
lint / lint (push) Has been cancelled
Details
test / test (push) Has been cancelled
Details
2026-02-25 20:49:08 +01:00
Latte 59e1ea53a8 Add OAuth2/OIDC per-user Gitea authentication
docker / lint (push) Has been cancelled
Details
docker / test (push) Has been cancelled
Details
docker / docker-build (push) Has been cancelled
Details
lint / lint (push) Has been cancelled
Details
test / test (push) Has been cancelled
Details 
Introduce a GiteaOAuthValidator for JWT and userinfo validation and
fallbacks, add /oauth/token proxy, and thread per-user tokens through
the
request context and automation paths. Update config and .env.example for
OAuth-first mode, add OpenAPI, extensive unit/integration tests,
GitHub/Gitea CI workflows, docs, and lint/test enforcement (>=80% cov).
 2026-02-25 16:54:01 +01:00
Latte ecc87cbb65 quick fix 2026-02-14 17:18:30 +01:00
matsv e17d34e6d7 docs: Add documentation site and API reference 2026-02-13 15:12:14 +01:00