Bugs:
* Shell injection in `fj auth setup-git`: the hostname is now validated
against a strict DNS pattern and `git config` is invoked directly
(no `sh -c`). Added 4 unit tests covering shell metacharacters.
* Pager won't compile on Windows: the libc-based dup2 redirect lives
behind `#[cfg(unix)]`. Non-Unix gets a no-op stub.
Agent-focused Forgejo API gaps:
* `fj issue edit-comment ID` / `delete-comment ID`. Fix a wrong comment
after the fact (an agent's bread-and-butter).
* `fj search code "..." [-R owner/name]`. The most-requested missing
search dimension for codebase exploration.
* `fj pr request-review N user1 user2`, `unrequest-review N user`.
Distinct from `pr review` (your own approval/changes/comment).
* `fj repo watch / unwatch / star / unstar / starred`. Mark repos for
monitoring.
* `fj milestone {list,view,create,edit,close,reopen,delete,assign}`
with `assign N --milestone ID|none` to attach an issue/PR.
UX + stability:
* Global `--json-fields foo,bar` projection on top of any `--json`
output, gh-style. Dotted-path support (`--json-fields owner.login`).
* 429 / Retry-After honored in the retry loop with a 30 s cap.
* Clap `suggestions` feature for typo'd subcommands.
* `fj auth token` and `auth status --show-token` refuse to write to a
TTY by default (`--force` to override).
CI:
* `.forgejo/workflows/ci.yml` runs fmt/clippy/test/release-build on
every push and PR, mirroring the local pre-push hook.
Docs:
* `SECURITY.md` with threat model and known sharp edges.
* `docs/gh-to-fj.md` full command-by-command mapping.
* `docs/faq.md` covering tokens, hosts, debug, scripting, plugins.
Tests: 60 → 75 passing (2 ignored: editor and env-mutating tests that
fight the cargo test harness on macOS).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* `fj repo mirror <url>` does a full migrate (pull-mirror with `--mirror`,
one-shot import otherwise). `fj repo mirror-sync` triggers a refresh on
an existing pull-mirror.
* List endpoints transparently follow `Link: rel=next` when the caller
asks for more than the 50-per-page API cap. So `fj pr list -L 200`
or `fj issue list -L 100` now Just Works without manual paging.
* HTTP client retries idempotent requests (GET/HEAD/OPTIONS/PUT/DELETE)
up to 3 times with exponential backoff (200/400/800 ms) on transport
errors and 5xx responses. POST and PATCH are never retried.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* New top-level groups, each with full CRUD where the API supports it:
- release: list/view/create/edit/delete/upload/download
- label: list/create/edit/delete
- run: workflow runs (list/view/rerun/cancel)
- secret + variable: Actions secrets/vars (list/set/delete)
- search: cross-cutting (repos/issues/prs/users)
- browse: open repo/path on the web
- status: notifications inbox + mark-all-read
- org: list/view/teams
- ssh-key, gpg-key: list/add/delete on your account
- alias: user-defined shortcuts (e.g. `fj alias set co "pr checkout"`)
- config: local prefs (editor, pager, browser, etc.)
- extension: discover and run `fj-<name>` plugin binaries on PATH
- gist: thin wrapper over `gist-*` repos
* main.rs now expands aliases before clap and dispatches to plugins for
unknown subcommands (matching gh).
* New API modules: release, label, notification, search, org, workflow,
with the corresponding strongly-typed wrappers.
* Release asset upload uses reqwest multipart (feature flag added).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Multi-host auth (tokens in OS keychain), repo/issue/pr CRUD, and a
gh-style `api` escape hatch with -f/-F/-X/-q. Targets Forgejo 7.x via
the Gitea-compatible /api/v1 surface.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Stephen Way