From 36b1759243dedd9f6f28098cdf5517e0872ef950 Mon Sep 17 00:00:00 2001 From: Knowit Date: Mon, 20 Apr 2026 21:28:54 +0800 Subject: [PATCH] =?UTF-8?q?Add=20Gitea=20management=20boundaries=20to=20?= =?UTF-8?q?=C2=A70?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Why: Charles asked whether I can proactively manage repos on his Gitea. Define explicit allow / confirm / forbid tiers so I don't accidentally delete a repo or force-push main. Co-Authored-By: Claude Opus 4.7 (1M context) --- CLAUDE.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CLAUDE.md b/CLAUDE.md index 66dd949..7587b69 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -11,6 +11,11 @@ Behavioral guidelines to reduce common LLM coding mistakes. Merge with project-s - **Git push policy**: push by default when there are commits. Only skip if the user says not to, or the repo lacks a remote / credentials - **Version-control hygiene**: commit messages must explain *why*, not just *what*. Confirm before risky ops (`push --force`, `reset --hard`, `rm -rf`, branch deletion) - **Default git remote**: `git.deepknow.site` (credentials stored in memory) +- **Gitea management** (`git.deepknow.site/Knowit`, API via `curl`): + - ✅ Allowed as part of an explicit task: create repo, clone, push, open issue/PR, list/read anything + - ⚠️ Confirm first: rename repo, change visibility, add/remove collaborators, delete branches, change default branch + - ❌ Require explicit command every time: delete repo, force-push to `main`/`master`, rewrite published history, change org permissions + - Prefer a scoped API token over username/password when one becomes available - **Package managers**: `pnpm` (Node), `uv` (Python), `cargo` (Rust) - **Indentation**: 4 spaces by default; follow project convention if different