Implement internationalization system for landing pages:
- Database model for storing language-specific translations
- Language configuration with default and enabled languages
- Language switcher in navigation across all templates
- Translation management UI in settings
- Support for 15 languages including English, Spanish, German, French, Japanese, Chinese
- Auto-detection and manual language selection
- AI-powered translation generation capability
Update runner label matching to strip ":scheme" suffixes (e.g., ":host", ":docker") before comparison. This allows runners with "germany-linux:host" to match jobs with "runs-on: germany-linux" and vice versa.
Previously, exact label match was required, causing runners with scheme-qualified labels to fail matching jobs without schemes.
Adds v2 API endpoints for optimized workflow status queries. Implements /workflows/status to fetch latest run per workflow in single query using MAX(id) grouping. Adds /runs/{id}/failure-log endpoint returning structured failure data with job details, failed steps, log tails (last 200 lines), and workflow YAML content. Reduces client-side API calls and processing overhead.
Implement critical production readiness features for AI integration: per-request provider config, admin dashboard, workflow inspection, and plugin framework foundation.
Per-Request Provider Config:
- Add ProviderConfig struct to all AI request types
- Update queue to resolve provider/model/API key from cascade (repo > org > system)
- Pass resolved config to AI sidecar on every request
- Fixes multi-tenant issue where all orgs shared sidecar's hardcoded config
Admin AI Dashboard:
- Add /admin/ai page with sidecar health status
- Display global operation stats (total, 24h, success/fail/escalated counts)
- Show operations by tier, top 5 repos, token usage
- Recent operations table with repo, operation, status, duration
- Add GetGlobalOperationStats model method
Workflow Inspection:
- Add InspectWorkflow client method and types
- Implement workflow-inspect queue handler
- Add notifier trigger on workflow file push
- Analyzes YAML for syntax errors, security issues, best practices
- Returns structured issues with line numbers and suggested fixes
Plugin Framework (Phase 5 Foundation):
- Add external plugin config loading from app.ini
- Define ExternalPlugin interface and manager
- Add plugin.proto contract (Initialize, Shutdown, HealthCheck, OnEvent, HandleHTTP)
- Implement health monitoring with auto-restart for managed plugins
- Add event routing to subscribed plugins
- HTTP proxy support for plugin-served routes
This completes Tasks 1-4 from the production readiness plan and establishes the foundation for managed plugin lifecycle.
Refactor AI service layer to reduce code duplication and improve consistency.
Changes:
- Rename AIOperationRequest to OperationRequest for consistency
- Extract shared logic for issue-targeted operations (respond, triage) into triggerIssueAIOp helper
- Standardize field alignment in struct definitions
- Remove redundant error handling patterns
This reduces the API operations file by ~40 lines while maintaining identical functionality.
Implement core AI service infrastructure including agent operations, escalation handling, and asynchronous queue processing.
New services:
- Agent service: Handles Tier 2 AI operations with action runner integration
- Queue service: Asynchronous processing of AI operations with retry logic
- Escalation service: Routes complex issues to staff with configurable rules
- Notifier service: Sends notifications for AI operation results
Additional changes:
- Add GitCaddy AI system user (ID: -3) for bot operations
- Add AIConfig to repository units
- Add AI-specific error codes (rate limiting, service errors, etc.)
- Extend AI client with GenerateIssueResponse method
- Add AISettingsV2 struct for repository-level AI configuration
The queue system enables non-blocking AI operations with proper error handling and rate limiting.
Add database models and infrastructure for AI operation tracking and organization-level AI configuration.
OperationLog model tracks all AI operations for auditing, including:
- Operation type, tier, and trigger event
- Token usage (input/output)
- Status tracking (pending, success, failed, escalated)
- Performance metrics (duration)
- Rate limiting support via CountRecentOperations
OrgAISettings model stores per-organization AI configuration:
- Provider and model selection
- Encrypted API key storage
- Rate limits (max operations per hour)
- Allowed operations whitelist
- Agent mode permissions
Also adds AI unit type to repository units for enabling/disabling AI features per repo.
Add repository setting to control anonymous access to app integration endpoints (issue submission, update checks). When enabled (default), the desktop app can access these endpoints without authentication. When disabled, vault token authentication is required.
This provides granular control over app integration access, allowing repository owners to enforce full authentication on sensitive repositories while maintaining ease of use for public/limited repos.
Changes include:
- New PublicAppIntegration boolean field on Repository model
- Database migration v365 to add the field (defaults to true)
- Repository settings UI to toggle the feature
- Updated checkVaultTokenForRepo to respect the setting
- Security enhancement: IssueStatusJSONEndpoint now only returns app-submitted issues to anonymous users
Adds view_count field to blog_post table with database migration. Implements atomic increment on post views in both standalone and repo blog routes. Displays view count with eye icon in post templates.
Improve GetExploreTopTags performance by limiting the tag aggregation scan to the 500 most recent published posts instead of scanning all posts. This reduces database load while still providing relevant trending tags.
Add HasSubscriptionOnlyBlogPosts function to check if a repository has premium blog content. Update subscribe page to display different messaging when paid blogs are available. Redesign featured blog section with centered layout, larger images, and improved hover effects.
Adds keyword search and tag filtering to repository blog list with GetRepoTopTags for popular tags display. Implements user-level package privacy setting (KeepPackagesPrivate) to hide packages from profile page. Updates blog UI with search box, tag cloud, and clear filters button. Adds subscription CTA buttons and active subscription indicators.
Implements comprehensive wishlist/feature request system for repositories. Includes categories with colors, voting system, importance ratings (1-5 stars), status tracking (open/planned/in-progress/completed/declined), threaded comments with reactions, and release linking. Adds v2 API endpoints for CRUD operations. Includes repository settings toggle, header tab, and full UI templates for list/view/create. Supports vote counts, importance averages, and comment reactions.
Adds SubscriptionOnly flag to blog posts to restrict full content access to active subscribers. Shows teaser/preview for non-subscribers with subscribe CTA. Integrates with repository subscription system when monetization is enabled. Updates v2 API structs and editor UI with subscription toggle. Admins and repo writers bypass the gate.
Adds blog series field to group related posts together. Implements v2 API endpoints for listing, creating, updating, and deleting blog posts with proper error codes. Adds series filtering to explore page and sitemap support with pagination. Includes BlogPostV2 structs with author/repo references, HTML URLs, and content rendering. Updates editor UI with series input field.
Implements thumbs up/down reactions for blog comments with toggle functionality. Adds batch loading of reaction counts and user reactions for performance. Updates standalone view and repo blog view to display comment reactions. Improves explore blogs UI with better card layout and navigation. Includes guest IP tracking for anonymous reactions.
Implements search by keyword (title/subtitle), tag filtering, and sort by newest/popular on explore blogs page. Adds GetExploreTopTags to show popular tags with usage counts. Enforces repository access permissions using AccessibleRepositoryCondition. Fixes secret lookup to skip scope conditions when querying by ID. Updates UI with tag cloud, search box, and sort dropdown.
Implements threaded comment system with support for authenticated users and verified guests. Adds email verification flow for guest commenters with token-based sessions and 6-digit codes. Includes reaction system (like/love/laugh/etc) for posts and comments. Adds comment count to blog posts, user profile blog tab, and email notifications for comment verification. Implements nested reply support with parent-child relationships.
Adds ability to promote secrets from repository to organization scope, or from repository/organization to global scope. Includes conflict detection to prevent duplicate names at target scope, permission checks (org owner for repo→org, system admin for →global), and UI buttons with confirmation dialogs. Implements MoveSecret model method and PerformSecretsPromote handler.
Adds comprehensive blog post system for repositories with draft/public/published status, featured images, tags, and subscriptions. Includes database models, migrations, CRUD operations, email notifications, explore page, and full UI templates for creating, editing, and viewing blog posts.
Implement complete subscription monetization system for repositories with Stripe and PayPal integration. Includes:
- Database models and migrations for monetization settings, subscription products, and user subscriptions
- Payment provider abstraction layer with Stripe and PayPal implementations
- Admin UI for configuring payment providers and viewing subscriptions
- Repository settings UI for managing subscription products and tiers
- Subscription checkout flow and webhook handlers for payment events
- Access control to gate repository code behind active subscriptions
Add ability for repository owners to cross-promote up to 6 related repositories in the sidebar. Create repo_cross_promote table with migration v344 to store source-target relationships with display order. Add settings UI for managing promoted repos with drag-and-drop reordering. Display promoted repos in home sidebar with repository cards. Include locale strings and routing for cross-promotion management.
Adds new social card customization options including solid color backgrounds and custom background images with Unsplash integration. Introduces new database fields for storing color, background image URL, and Unsplash attribution. Adds media kit settings page for repository-level social card configuration.
Implement Open Graph social card image generation with customizable themes. Cards are dynamically rendered with repository name, description, owner avatar, and GitCaddy branding.
Features:
- Three built-in themes: dark (default), light, and colorful
- 1200x630px cards optimized for social media platforms
- Avatar fetching with caching and fallback to default
- Text wrapping and truncation for long descriptions
- Repository settings UI for theme selection
- Migration to add social_card_theme column
Technical implementation:
- Uses golang.org/x/image for rendering with Inter font family
- Singleton renderer pattern for font reuse
- Endpoint: /:owner/:repo/socialcard.png
- Integrates with Open Graph meta tags in head template
Add Inter font files (Regular and Bold) and GitCaddy logo asset.
Refine unhealthy runner behavior to only skip jobs when a healthy AND idle alternative exists. Previously, unhealthy runners would skip jobs if any healthy runner existed, even if busy. Now unhealthy runners take jobs when all alternatives are either unhealthy or busy.
Rename isOnlyMatchingRunner to hasHealthyIdleAlternative to better reflect the actual check being performed.
Also add cleanup for leftover vault clones in Windows build step and ensure HOME directory exists in release job.
Simplify model name from RepoHiddenFolder to HiddenFolder since the repo context is already clear. Update function signatures to use comma-separated bool parameters and fix test calls to include new hidden folder parameters. Replace strings.Split with strings.SplitSeq for better performance.
Add repository setting to hide files and folders starting with "." from non-admin users in the code browser. Admins can still see dotfiles displayed dimmed. Includes database migration, settings form, filtering logic for tree views and file listings, and locale strings.
Allow repository admins to hide specific folders from the code browser for non-admin users. Hidden folders are shown dimmed to admins but completely hidden from regular users. Includes database migration, settings UI, tree filtering logic, and frontend support for toggling visibility.
Introduces a new "limited" visibility level between public and private. Limited repos are publicly browseable but restrict clone, fork, and archive downloads to collaborators only. Adds database migration, UI controls in settings, enforcement in git HTTP and SSH handlers, and corresponding locale strings.
System administrators can now view, edit, and delete any runner regardless of context (repo/org/user). Previously, admins were restricted by the same ownership rules as regular users. Also removes redundant deleted_unix filter in GetUnhealthyRunners query.
Adds migration v338 to ensure the deleted_unix column exists on action_runner table for soft-delete functionality. This column may be missing in some databases if the original migration ran before it was added. Also updates gitcaddy-vault dependency to v1.0.52.
Add ability for organizations to preconfigure default package metadata (authors, company, copyright, icon) that AI tools can use when building packages. Includes database model, org settings UI with icon upload, MCP tool for retrieving defaults with repo-specific URLs, and localization strings.
Adds a new page to view all waiting/blocked jobs for a specific runner label. This helps administrators identify which jobs are queued for particular runner labels and diagnose runner capacity issues.
Implements public package discovery page in the Explore menu. Shows public and global packages with pagination, filtering by type, and search. Adds admin setting to enable/disable the packages tab. Updates package search to support PublicOrGlobal filter for showing packages that are either public OR global. Includes new locale strings and templates.
Enables updating secret descriptions without changing the value by making the data field optional during updates. Displays global secrets as read-only in org/user/repo secret pages for visibility. Adds validation to require data only when creating new secrets. Updates locale strings for the new functionality.
Implements system-wide global secrets (OwnerID=0, RepoID=0) that can only be managed by admins. Global secrets are available to all workflows with lowest precedence (repo > org > global). Adds admin UI routes and templates for managing global secrets. Updates secret model to support three-tier hierarchy and proper precedence ordering.
Implements comprehensive package visibility settings with migration v337. Adds database models for package and version-level access control, updates web UI templates for settings/list/view pages, and includes locale strings for the new features. Also adds .gitsecrets-ignore file to track false positives from secret scanning.
Fixes ReorderOrgPinnedRepos to only update display_order field, preserving existing group_id assignments. Uses MustCols to ensure zero values are properly updated (first item can have display_order=0). Previously, reordering would unintentionally clear group assignments.
Adds ExternalUserID and ExternalSource fields to issues table to allow external apps to track their own user identifiers when creating issues via API. Includes database migration v336, search filters, JSON API endpoint, and UI filter option. Adds locale strings across all 28 languages for external user filtering.
Implements release channel filtering (stable/prerelease/any) with new GetLatestReleaseByRepoIDAndChannel function. Adds JSON API endpoint for applications to check for updates programmatically. Includes tooltip translations across all 28 locales and UI updates to release list and header templates.
Implements a settings page for organization admins to manage pinned repositories. Adds ability to pin/unpin repos, reorder them via drag-and-drop, and view currently pinned repos. Includes new routes, templates, locale strings, and helper function IsErrOrgPinnedRepoAlreadyExist for error handling.
Add ExcludeProfileRepos option to SearchRepoOptions to filter out .profile repositories from explore and organization listings. Site admins and organization owners can still view these repositories, but regular users and anonymous visitors cannot see them in public listings.
Add is_global flag to packages allowing them to be accessible at root URLs without owner prefix. Include database migration, package settings UI, admin bulk operations, and automatic repository matching. This enables cleaner package URLs for organization-wide packages.
Adds bandwidth monitoring to runner health checks with critical threshold of 8 Mbps (1 MB/s). Runners below this threshold are blocked from job assignment and trigger automatic bandwidth rechecks. Also refines health check logic: disk/CPU now only block at 95%+ (critical), and latency is informational only. Includes new RunnerBandwidthCheckRequest model to track recheck requests.
Adds optional group_header field to organizations for categorizing them on the explore page (e.g., "Enterprise", "Community", "Partners"). Includes database migration, organization settings form field, and grouped display template. Groups are sorted alphabetically with ungrouped organizations shown last. Users can toggle grouping view with show_groups parameter.
Adds a GroupHeader field to repositories allowing them to be grouped under custom headers on organization pages. Includes database migration v333, form handling, and grouped/ungrouped view toggle in the UI.
When an unhealthy runner is the only one that can handle a job (e.g., the
only macos runner), assign the job anyway instead of leaving it stuck in
waiting state indefinitely.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
