Source-of-truth claude/ now matches the proven shape used by
anthropics/claude-plugins-official and other shipping marketplaces:
claude/.claude-plugin/marketplace.json references ./plugins/fj
claude/plugins/fj/.claude-plugin/plugin.json
claude/plugins/fj/skills/fj/SKILL.md
Previous string-source "./" and structured {source: url} forms both
tripped "source type your Claude Code version does not support."
The relative sub-path form works.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The "./" string form is older schema; modern Claude Code requires the
structured form. Same shape as anthropics/claude-plugins-official
catalogue entries.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The plain "." source triggered "This plugin uses a source type your
Claude Code version does not support" on `/plugin install`. Matching
the well-tested shape used by other working marketplaces: "./" root,
strict:false, explicit skills paths.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
A repo with only plugin.json is recognized as a plugin but not as a
marketplace, which is what `/plugin marketplace add` needs. Adding
.claude-plugin/marketplace.json that declares the marketplace
('rasterandstate') and lists fj as its single plugin.
The correct two-step install is now:
/plugin marketplace add rasterandstate/fj-claude-plugin
/plugin install fj@rasterandstate
README.md and claude/README.md updated accordingly.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Source of truth for the plugin lives in claude/ inside this repo. A
canonical mirror is at github.com/rasterandstate/fj-claude-plugin.
The skill activates when the user mentions fj, Forgejo, Gitea, or any
forge-side action. SKILL.md documents:
* the auto-detect convention (`-R` optional inside a clone)
* global flags (`--host`, `--debug`, `--no-pager`, `--json-fields`)
* the `--jq` syntax for `fj api`
* common workflows (PR review, issue triage, releases, code search)
* sharp edges (token TTY guard, --body in CI, gh-equivalence gaps)
* links back to docs/{architecture,gh-to-fj,compatibility,jq,troubleshooting}.md
Install in any Claude Code session:
/plugin install rasterandstate/fj-claude-plugin
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* assets/demo.gif: 1100x720, ~30s, recorded with vhs from scripts/demo.tape.
Covers: --version, repo view (auto-detect), issue list, pr list, api
/version + jq, selective JSON, fj --help.
* scripts/record-demo.sh: the prior Write didn't persist the rewrite, so
the file was still the asciinema version and treated `--gif-only` as
an output path. Updated to be vhs-based with proper flag parsing.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
dist/v*/ holds tarballs/SHAs we upload to Forgejo releases, not source.
.claude/settings.local.json is per-machine allow-list state that
shouldn't travel with the repo.
Removes the artifacts that slipped into the previous commit.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* scripts/demo.tape: vhs tape file driving a ~30s session: --version,
repo view (auto-detect), issue list, pr list, api + jq, selective
JSON, help. Catppuccin Mocha, 1100x720.
* scripts/record-demo.sh: thin wrapper with preflight checks (vhs +
fj installed and authenticated, run from a clone). Outputs
assets/demo.gif and assets/demo.mp4.
* Removed scripts/_demo-session.sh (the asciinema sketch). vhs is
strictly better for scripted demos: deterministic timing, direct
GIF/MP4 output, no upload step.
* README: replaced the asciinema TODO with the GIF embed (will resolve
once assets/demo.gif is recorded and committed).
To record:
brew install vhs
cargo build --release && ln -sf \$PWD/target/release/fj ~/.local/bin/fj
fj auth login --host rasterhub.com
./scripts/record-demo.sh
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
assets/logo.png is a 336x336 PNG of the FJ mark (orange F + slanted red
J on a slate background). Embedded at 128px centered above the title in
README so the project has a recognizable face in tap listings, social
cards, and casual link previews.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Release infrastructure:
* .forgejo/workflows/release.yml: on v* tags, builds darwin-aarch64,
darwin-x86_64, linux-x86_64 tarballs, computes SHA256SUMS, uploads to
the Forgejo release, and writes a ready-to-commit fj.rb formula.
* dist/homebrew/fj.rb.tmpl + scripts/render-homebrew-formula.sh for
local rendering. Publishes into rasterandstate/homebrew-tap.
Issue + PR templates:
* .forgejo/issue_template/{bug,feature,api-gap}.md so triage isn't
guessing at the user's environment.
* .forgejo/pull_request_template.md with a fmt/clippy/test checklist
and a "what to update" surface-changes section.
README demo scaffolding:
* scripts/record-demo.sh drives asciinema through a representative
~30s session covering --version, repo view (auto-detect), issue/pr
list, api, --json-fields, browse.
* README has a commented-out asciicast embed waiting for the v0.1.0
recording.
Compatibility:
* docs/compatibility.md: tested Forgejo versions, caveats for older
Gitea (≤1.19), Forgejo-only endpoints we expose.
* `fj auth login` now probes /api/v1/version once and warns to stderr
when the server reports a pre-7.x version. Parser is pure-fn tested
(modern, old, unparseable cases).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cargo.toml has always declared `license = "MIT"`, but the repo root was
missing the actual file. Required by most consumers (Homebrew, distros,
crates.io if we ever publish).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* README: new commands (milestone, search code, watch/star, edit-comment,
request-review) and the `--json-fields` / `--no-pager` globals.
* CLAUDE.md: layout includes json_filter and .forgejo/workflows; test
count updated to 75; HTTP retry, JSON projection, pager-on-Unix
conventions documented; setup-git hostname-validation invariant
called out; auth token TTY guard noted.
* docs/architecture.md: HTTP retry section now covers 429 / Retry-After
and Request::try_clone; new JSON projection section explains the
global --json-fields flow; test strategy mentions remote CI and
ignored env-mutating tests.
* docs/README.md: link to SECURITY.md and CHANGELOG.md.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Bugs:
* Shell injection in `fj auth setup-git`: the hostname is now validated
against a strict DNS pattern and `git config` is invoked directly
(no `sh -c`). Added 4 unit tests covering shell metacharacters.
* Pager won't compile on Windows: the libc-based dup2 redirect lives
behind `#[cfg(unix)]`. Non-Unix gets a no-op stub.
Agent-focused Forgejo API gaps:
* `fj issue edit-comment ID` / `delete-comment ID`. Fix a wrong comment
after the fact (an agent's bread-and-butter).
* `fj search code "..." [-R owner/name]`. The most-requested missing
search dimension for codebase exploration.
* `fj pr request-review N user1 user2`, `unrequest-review N user`.
Distinct from `pr review` (your own approval/changes/comment).
* `fj repo watch / unwatch / star / unstar / starred`. Mark repos for
monitoring.
* `fj milestone {list,view,create,edit,close,reopen,delete,assign}`
with `assign N --milestone ID|none` to attach an issue/PR.
UX + stability:
* Global `--json-fields foo,bar` projection on top of any `--json`
output, gh-style. Dotted-path support (`--json-fields owner.login`).
* 429 / Retry-After honored in the retry loop with a 30 s cap.
* Clap `suggestions` feature for typo'd subcommands.
* `fj auth token` and `auth status --show-token` refuse to write to a
TTY by default (`--force` to override).
CI:
* `.forgejo/workflows/ci.yml` runs fmt/clippy/test/release-build on
every push and PR, mirroring the local pre-push hook.
Docs:
* `SECURITY.md` with threat model and known sharp edges.
* `docs/gh-to-fj.md` full command-by-command mapping.
* `docs/faq.md` covering tokens, hosts, debug, scripting, plugins.
Tests: 60 → 75 passing (2 ignored: editor and env-mutating tests that
fight the cargo test harness on macOS).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Stability:
* `cli::run` now races command futures against `tokio::signal::ctrl_c()`.
On SIGINT the command future is dropped, which propagates to the
PagerGuard's Drop and restores stdout cleanly.
* Removed the unsafe `std::env::set_var("FJ_NO_PAGER")` in dispatch.
`--no-pager` is now threaded into `pager::maybe_start(force_disabled)`
as a parameter, no process-wide side effect.
* Replaced the panicking `.expect("token contains invalid header chars")`
in `auth_headers` with a typed error that names the host and tells the
user how to recover.
* Added 9 wiremock-backed integration tests covering: auth header
injection, retry-on-5xx for idempotent methods, no-retry for POST,
401 mapping to friendly error, custom header pass-through, null-body
list tolerance, `get_all` following Link rel=next, total_limit honored
on early break, malformed token rejection.
Optimization:
* Dropped unused reqwest features (stream, brotli) and unused crates
(indicatif, futures-util, is-terminal, textwrap, tempfile).
* `panic = "abort"` and `lto = "fat"` on the release profile.
* HTTP retry loop now builds the request once and uses
`reqwest::Request::try_clone` per attempt instead of rebuilding the
RequestBuilder (eliminates per-attempt HeaderMap + URL clones).
* Pulled debug-mode request logging behind a `#[cold]` helper so the
hot path stays small.
Binary: 5.94 MB → 4.15 MB stripped (-30%).
Tests: 51 → 60 (9 new integration tests).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* New `output::pager` module spawns `$FJ_PAGER` / `$PAGER` / `less -FRX`
when stdout is a TTY and dup2's our stdout onto its stdin. The
`PagerGuard` restores the original stdout and waits on the child on
drop so all output flushes before exit.
* Wired into the top-level dispatch: list/view/diff/api/search/status
output is now paged automatically. Short output passes through via
`less -F`. Global `--no-pager` flag and `FJ_NO_PAGER` env opt out.
* libc 0.2 added as a small dep (needed for dup/dup2/close).
* Pre-push hook now drains and closes stdin at the top, then runs every
step with `</dev/null`. Previously a test or build could in principle
inherit git push's stdin (the list of refs being pushed) and block
if it ever tried to read it. Adds CARGO_TERM_PROGRESS_WHEN=never so
the progress bar doesn't muddle non-TTY runs.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* `fj repo branches`, `repo topics`, `repo edit`, `repo fork`, `repo sync`,
`repo archive`, `repo unarchive`, `repo mirror-sync` previously took only
a positional `repo` argument and rejected `-R/--repo`. Now they accept
both, with `-R` winning when both are given.
* Forgejo returns `null` for `labels`/`assignees` on issues and PRs when
empty. The Issue/Pull structs hit `expected a sequence` on every issue
create. Added a `deserialize_null_to_default` helper on the affected
fields so null is now coerced to an empty Vec.
* `get_page` similarly bailed when a list endpoint returned a bare `null`
body. Now treats null and empty body as `[]`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* `fj repo mirror <url>` does a full migrate (pull-mirror with `--mirror`,
one-shot import otherwise). `fj repo mirror-sync` triggers a refresh on
an existing pull-mirror.
* List endpoints transparently follow `Link: rel=next` when the caller
asks for more than the 50-per-page API cap. So `fj pr list -L 200`
or `fj issue list -L 100` now Just Works without manual paging.
* HTTP client retries idempotent requests (GET/HEAD/OPTIONS/PUT/DELETE)
up to 3 times with exponential backoff (200/400/800 ms) on transport
errors and 5xx responses. POST and PATCH are never retried.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* `fj auth token` prints the stored token for scripting.
* `fj auth refresh` re-verifies (or replaces) the stored token.
* `fj auth setup-git` installs a git credential helper that delegates
password lookup to `fj auth token`.
* New top-level `fj protect` group: list / view / set / delete branch
protection rules.
* New top-level `fj hook` group: webhook CRUD + test delivery.
* Global `--debug` (`FJ_DEBUG`) flag dumps every HTTP request fj makes
to stderr (method, URL, query, body preview, status).
* `fj man -o ./man` generates `clap_mangen` pages for fj and every
subcommand. Useful for downstream packaging.
* Fixed: several subcommand groups (hook, label, search, key, workflow
secrets/variables) were showing the flattened RepoFlag's doc string
in their --help summary line. Added explicit doc comments per variant.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* New top-level groups, each with full CRUD where the API supports it:
- release: list/view/create/edit/delete/upload/download
- label: list/create/edit/delete
- run: workflow runs (list/view/rerun/cancel)
- secret + variable: Actions secrets/vars (list/set/delete)
- search: cross-cutting (repos/issues/prs/users)
- browse: open repo/path on the web
- status: notifications inbox + mark-all-read
- org: list/view/teams
- ssh-key, gpg-key: list/add/delete on your account
- alias: user-defined shortcuts (e.g. `fj alias set co "pr checkout"`)
- config: local prefs (editor, pager, browser, etc.)
- extension: discover and run `fj-<name>` plugin binaries on PATH
- gist: thin wrapper over `gist-*` repos
* main.rs now expands aliases before clap and dispatches to plugins for
unknown subcommands (matching gh).
* New API modules: release, label, notification, search, org, workflow,
with the corresponding strongly-typed wrappers.
* Release asset upload uses reqwest multipart (feature flag added).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Multi-host auth (tokens in OS keychain), repo/issue/pr CRUD, and a
gh-style `api` escape hatch with -f/-F/-X/-q. Targets Forgejo 7.x via
the Gitea-compatible /api/v1 surface.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Stephen Way