pdurlej/platform

Fork 0

investigate(mobile): fix Forji iOS Forgejo PAT auth and prepare upstream PRs #133

New issue

Open

opened 2026-05-09 14:06:10 +02:00 by Iskra · 5 comments

Iskra commented

2026-05-09 14:06:10 +02:00

Collaborator

Context

Piotr uses / wants to use Forji as an iOS/mobile Forgejo client:

https://codeberg.org/secana/Forji

Current problem: Forji does not work reliably on Piotr's iOS setup with his Forgejo PATs, even though it should. This matters because mobile Forgejo/Projects access could become an important operator surface for the broader Platform / Iskra / Swarmheart workflow.

Piotr's direction: attack the problem properly and prepare one or more upstream PRs if needed, not only a local workaround.

Why this belongs in platform

This is not just a mobile-app annoyance. If Forgejo Projects/issues are part of the downstream coordination surface, then mobile access needs to be reliable enough for:

checking agent-created issues/tasks,
approving/triaging work from phone,
reading PR/issue state during demos,
operator workflows around Product Pro Summit,
future bounded execution / YubiKey approval flow context.

Goals

Diagnose why Forji + Piotr's Forgejo PATs fail on iOS.
Reproduce against git.pdurlej.com if possible without exposing secrets.
Identify whether the problem is:
- PAT scope/permissions,
- Forgejo API compatibility,
- token storage/keychain behavior on iOS,
- Forji request/auth header bug,
- URL/base path handling,
- TLS/certificate/cookie/CORS assumptions,
- Forgejo vs Gitea API version mismatch,
- iOS networking/security policy,
- user-agent/content-type/accept header mismatch.
Prepare targeted upstream PR(s) to Forji when the root cause is in the app.
If the problem is server/config-side, document exact Forgejo config/PAT requirements.

Constraints / safety

Do not log or paste Piotr's real PATs.
Use test tokens/accounts if reproduction requires credentials.
Redact Authorization headers in all logs.
Prefer minimal, surgical upstream PRs over a large fork.
Keep findings evidence-based: request/response status, endpoint, headers minus secrets, app code path, Forgejo version/API behavior.

Suggested investigation plan

Inventory current Forgejo/API behavior on git.pdurlej.com:
- version endpoint,
- /api/v1/user with a known-valid token,
- issues/projects endpoints relevant to mobile use,
- required token scopes.
Inspect Forji auth/networking code:
- how PAT is stored,
- how Authorization header is constructed,
- whether it uses token, Bearer, Basic, or something else,
- base URL normalization,
- error handling and diagnostics.
Reproduce with controlled test cases:
- valid PAT,
- invalid PAT,
- insufficient-scope PAT,
- Forgejo base URL with/without trailing slash,
- Codeberg vs self-hosted Forgejo.
Compare Forji behavior with direct curl/HTTP client behavior.
File upstream issues/PRs to Forji for confirmed app bugs.

Potential PR candidates

Depending on findings:

Fix Forgejo PAT Authorization header handling.
Improve self-hosted Forgejo base URL normalization.
Add clearer auth error messages on iOS.
Add PAT scope validation/check screen.
Add diagnostic mode with redacted request/response metadata.
Fix project/issues endpoint compatibility with Forgejo self-hosted instances.
Add tests for Forgejo self-hosted auth flows.

Acceptance criteria

Confirm exact failure mode on Piotr's iOS/Forji setup, or identify what data is still missing.
Produce a short evidence report: endpoints tested, expected vs actual, likely root cause.
Identify whether fix belongs upstream in Forji, in Forgejo config/PAT setup, or in Piotr's environment.
Prepare at least one concrete upstream PR proposal if app-side bug is confirmed.
If practical, open PR(s) against https://codeberg.org/secana/Forji.
Document safe PAT/scopes setup for Piotr's Forgejo mobile workflow.

Product Pro Summit demo work may use Forgejo Projects/issues as downstream task/project surface.
Platform issue #132 explores YubiKey-backed operator consent for bounded agent execution.
Iskra/OpenClaw issue #100 explores Swarmheart coordination kernel with Kan as projection and Forgejo/Kan-style task surfaces.

2026-05-09 synthesis: Opus + GPT-5.5 Pro + Iskra

We ran a three-model investigation pass over Forji / ForgejoKit for Piotr's self-hosted Forgejo + iOS + PAT problem.

Shared conclusion

Do not chase Bearer vs token as the main issue. Forgejo accepts Authorization: token <PAT> for PATs, and Piotr's git.pdurlej.com accepted both token and Bearer for /api/v1/user in a live check.

The stronger pattern is:

Forji / ForgejoKit currently lack enough auth/network diagnostics for self-hosted Forgejo.
Restore/login failures can be collapsed into misleading “token expired/revoked” style errors.
PAT capability/scopes need validation by real endpoint probes, not just “does /user return 200?”
Forgejo Projects should not be the first downstream foundation for the Product Pro Summit demo.
Short-term operator surface should use Forgejo Issues + labels + comments + notifications, with Kan as upstream.

Live version check:

{"version":"15.0.1+gitea-1.22.0"}

Evidence-backed findings from Opus pass

Opus verified current code and identified two concrete findings:

Likely root cause of misleading iOS/PAT symptom

In AuthenticationService.restoreWithCredentials, errors from fetchCurrentUser() are broadly caught and, for token-only restore, converted to SessionRestoreError.tokenExpired.

Practical effect: SSL failure, network failure, 403 missing scope, 5xx, timeout, decoding error, etc. may be presented to the user as expired/revoked token.
Small high-confidence upstream PR candidate

MultiInstanceManager builds a dictionary keyed only by serverURL:
```
Dictionary(uniqueKeysWithValues: connections.map { ($0.instance.serverURL, $0) })
```
Two accounts on the same Forgejo instance can trigger a duplicate-key fatal error. Realistic scenario: piotr + iskra-bot on git.pdurlej.com.

GPT-5.5 Pro additions

GPT-5.5 Pro independently converged on:

keychain/account identity may be too fragile if based on normalizedURL + username, especially across username rename, URL variants, multi-instance, migration, reinstall/update, or App ID/access group changes;
current design should distinguish:
- actual 401 bad/revoked token,
- 403 valid token but missing scope/repo access,
- keychain item missing,
- redirect/proxy issues,
- TLS/network failure,
- Swift decoding/model drift;
repo-scoped PATs may not fit Forji's current /user-first login model. A future repo-bound token mode could validate explicit owner/repo + issues endpoints instead of requiring full account-level identity/notifications.

Updated implementation order

Use two tracks: a tiny credibility PR first, then the real diagnostic/auth work.

PR 0 — Forji: fix multi-instance duplicate server crash

Repository: secana/Forji

Goal: replace serverURL-only dictionary key with a composite key such as (normalized serverURL, username) or equivalent stable account key.

Why first:

tiny diff,
obvious bug,
easy upstream acceptance,
builds credibility before larger auth/diagnostics changes.

Acceptance criteria:

two instances with the same serverURL but different usernames no longer crash;
test covers duplicate serverURL case;
no behavior change for single-account users.

PR 1 — ForgejoKit: structured auth/network/decoding errors

Repository: secana/ForgejoKit

Goal: preserve error classes instead of collapsing them into generic auth failure.

Acceptance criteria:

401, 403, 404, 5xx, transport, TLS, timeout, decoding are distinct;
errors carry method, endpoint template, status code, and sanitized body summary where safe;
no token, Authorization header, password, Cookie, token=, or access_token= can appear in error/debug output;
tests cover 401/403/404/5xx/decode/network.

PR 2 — Forji: preserve restore error context and improve alerts

Repository: secana/Forji

Goal: stop turning every token-only restore failure into tokenExpired.

User-facing examples:

“Token rejected by server (401)”
“Token works but lacks permission for this action (403)”
“Token not found in device keychain”
“Server unreachable / TLS failure”
“Forgejo response could not be decoded”

PR 3 — ForgejoKit/Forji: PAT capability checker

Goal: validate what a PAT can actually do by probing safe endpoints.

Suggested capabilities:

server reachability: /api/v1/version
identity: /api/v1/user
repo access: /api/v1/repos/{owner}/{repo}
issues read: /api/v1/repos/{owner}/{repo}/issues?state=all&limit=1
optional issue write: comment on an explicit test issue only after user confirmation
notifications read/write if Forji uses notification inbox

Recommended mobile-triage PAT for Piotr-style operator surface:

read:user
read:repository
read:issue
write:issue
read:notification
add write:notification only if Forji marks notifications read
avoid write:repository unless phone must mutate repo contents / dispatch workflows

PR 4 — Forji: Keychain v2 / stable account ID

Goal: eventually move from raw normalizedURL + username to a stable account identity, preferably based on canonical server/base path + Forgejo user.id, while preserving migration from existing keychain entries.

This is valuable but riskier than PR 0–3, so it should not be first.

Product Pro Summit / operator workflow decision

For demo and near-term agent workflows:

Kan upstream = human-readable planning / source of truth for intent and coordination.
Forgejo Issues downstream = executable/project trace for agents.
Use labels for state/gates:
- agent:pending-review
- agent:needs-approval
- agent:blocked
- agent:ready-to-merge
- risk:high
- source:iskra
- source:swarmheart
Use issue comments for checkpoints, proof, /accept, /reject, /retry, /escalate style commands.
Use notifications/saved filters as mobile triage surface in Forji.

Do not make Forgejo Projects API the critical path for the first demo. Treat Projects as a later optional UI layer after confirming endpoint availability in swagger.v1.json and Forji/ForgejoKit support.

Coding-agent brief

Goal: improve Forji/ForgejoKit for self-hosted Forgejo PAT auth on iOS with safe diagnostics, correct error classification, stable account storage, and capability validation.

Non-goals:

do not add OAuth;
do not log tokens;
do not switch PAT auth from token to Bearer without evidence;
do not implement full Forgejo Projects/Kanban mutation in the first PR set;
do not add Piotr/Iskra-specific agent UI to upstream PRs.

Security requirements:

never print PAT;
never include full Authorization header;
never include private issue bodies in diagnostics by default;
mutating validation checks require explicit user confirmation and should use a test issue;
diagnostics should use redacted endpoint templates and optional ephemeral HMAC token fingerprint, not raw token hashes.

## Context Piotr uses / wants to use **Forji** as an iOS/mobile Forgejo client: - https://codeberg.org/secana/Forji Current problem: Forji does not work reliably on Piotr's iOS setup with his Forgejo PATs, even though it should. This matters because mobile Forgejo/Projects access could become an important operator surface for the broader Platform / Iskra / Swarmheart workflow. Piotr's direction: attack the problem properly and prepare one or more upstream PRs if needed, not only a local workaround. ## Why this belongs in platform This is not just a mobile-app annoyance. If Forgejo Projects/issues are part of the downstream coordination surface, then mobile access needs to be reliable enough for: - checking agent-created issues/tasks, - approving/triaging work from phone, - reading PR/issue state during demos, - operator workflows around Product Pro Summit, - future bounded execution / YubiKey approval flow context. ## Goals - Diagnose why Forji + Piotr's Forgejo PATs fail on iOS. - Reproduce against `git.pdurlej.com` if possible without exposing secrets. - Identify whether the problem is: - PAT scope/permissions, - Forgejo API compatibility, - token storage/keychain behavior on iOS, - Forji request/auth header bug, - URL/base path handling, - TLS/certificate/cookie/CORS assumptions, - Forgejo vs Gitea API version mismatch, - iOS networking/security policy, - user-agent/content-type/accept header mismatch. - Prepare targeted upstream PR(s) to Forji when the root cause is in the app. - If the problem is server/config-side, document exact Forgejo config/PAT requirements. ## Constraints / safety - Do not log or paste Piotr's real PATs. - Use test tokens/accounts if reproduction requires credentials. - Redact Authorization headers in all logs. - Prefer minimal, surgical upstream PRs over a large fork. - Keep findings evidence-based: request/response status, endpoint, headers minus secrets, app code path, Forgejo version/API behavior. ## Suggested investigation plan 1. Inventory current Forgejo/API behavior on `git.pdurlej.com`: - version endpoint, - `/api/v1/user` with a known-valid token, - issues/projects endpoints relevant to mobile use, - required token scopes. 2. Inspect Forji auth/networking code: - how PAT is stored, - how Authorization header is constructed, - whether it uses `token`, `Bearer`, Basic, or something else, - base URL normalization, - error handling and diagnostics. 3. Reproduce with controlled test cases: - valid PAT, - invalid PAT, - insufficient-scope PAT, - Forgejo base URL with/without trailing slash, - Codeberg vs self-hosted Forgejo. 4. Compare Forji behavior with direct curl/HTTP client behavior. 5. File upstream issues/PRs to Forji for confirmed app bugs. ## Potential PR candidates Depending on findings: - Fix Forgejo PAT Authorization header handling. - Improve self-hosted Forgejo base URL normalization. - Add clearer auth error messages on iOS. - Add PAT scope validation/check screen. - Add diagnostic mode with redacted request/response metadata. - Fix project/issues endpoint compatibility with Forgejo self-hosted instances. - Add tests for Forgejo self-hosted auth flows. ## Acceptance criteria - [ ] Confirm exact failure mode on Piotr's iOS/Forji setup, or identify what data is still missing. - [ ] Produce a short evidence report: endpoints tested, expected vs actual, likely root cause. - [ ] Identify whether fix belongs upstream in Forji, in Forgejo config/PAT setup, or in Piotr's environment. - [ ] Prepare at least one concrete upstream PR proposal if app-side bug is confirmed. - [ ] If practical, open PR(s) against https://codeberg.org/secana/Forji. - [ ] Document safe PAT/scopes setup for Piotr's Forgejo mobile workflow. ## Related context - Product Pro Summit demo work may use Forgejo Projects/issues as downstream task/project surface. - Platform issue #132 explores YubiKey-backed operator consent for bounded agent execution. - Iskra/OpenClaw issue #100 explores Swarmheart coordination kernel with Kan as projection and Forgejo/Kan-style task surfaces. --- ## 2026-05-09 synthesis: Opus + GPT-5.5 Pro + Iskra We ran a three-model investigation pass over Forji / ForgejoKit for Piotr's self-hosted Forgejo + iOS + PAT problem. ### Shared conclusion Do **not** chase `Bearer` vs `token` as the main issue. Forgejo accepts `Authorization: token <PAT>` for PATs, and Piotr's `git.pdurlej.com` accepted both `token` and `Bearer` for `/api/v1/user` in a live check. The stronger pattern is: 1. Forji / ForgejoKit currently lack enough auth/network diagnostics for self-hosted Forgejo. 2. Restore/login failures can be collapsed into misleading “token expired/revoked” style errors. 3. PAT capability/scopes need validation by real endpoint probes, not just “does `/user` return 200?” 4. Forgejo Projects should **not** be the first downstream foundation for the Product Pro Summit demo. 5. Short-term operator surface should use **Forgejo Issues + labels + comments + notifications**, with Kan as upstream. Live version check: ```json {"version":"15.0.1+gitea-1.22.0"} ``` ### Evidence-backed findings from Opus pass Opus verified current code and identified two concrete findings: 1. **Likely root cause of misleading iOS/PAT symptom** In `AuthenticationService.restoreWithCredentials`, errors from `fetchCurrentUser()` are broadly caught and, for token-only restore, converted to `SessionRestoreError.tokenExpired`. Practical effect: SSL failure, network failure, 403 missing scope, 5xx, timeout, decoding error, etc. may be presented to the user as expired/revoked token. 2. **Small high-confidence upstream PR candidate** `MultiInstanceManager` builds a dictionary keyed only by `serverURL`: ```swift Dictionary(uniqueKeysWithValues: connections.map { ($0.instance.serverURL, $0) }) ``` Two accounts on the same Forgejo instance can trigger a duplicate-key fatal error. Realistic scenario: `piotr` + `iskra-bot` on `git.pdurlej.com`. ### GPT-5.5 Pro additions GPT-5.5 Pro independently converged on: - keychain/account identity may be too fragile if based on `normalizedURL + username`, especially across username rename, URL variants, multi-instance, migration, reinstall/update, or App ID/access group changes; - current design should distinguish: - actual 401 bad/revoked token, - 403 valid token but missing scope/repo access, - keychain item missing, - redirect/proxy issues, - TLS/network failure, - Swift decoding/model drift; - repo-scoped PATs may not fit Forji's current `/user`-first login model. A future `repo-bound token mode` could validate explicit `owner/repo` + issues endpoints instead of requiring full account-level identity/notifications. ### Updated implementation order Use two tracks: a tiny credibility PR first, then the real diagnostic/auth work. #### PR 0 — Forji: fix multi-instance duplicate server crash Repository: `secana/Forji` Goal: replace `serverURL`-only dictionary key with a composite key such as `(normalized serverURL, username)` or equivalent stable account key. Why first: - tiny diff, - obvious bug, - easy upstream acceptance, - builds credibility before larger auth/diagnostics changes. Acceptance criteria: - two instances with the same `serverURL` but different usernames no longer crash; - test covers duplicate serverURL case; - no behavior change for single-account users. #### PR 1 — ForgejoKit: structured auth/network/decoding errors Repository: `secana/ForgejoKit` Goal: preserve error classes instead of collapsing them into generic auth failure. Acceptance criteria: - 401, 403, 404, 5xx, transport, TLS, timeout, decoding are distinct; - errors carry method, endpoint template, status code, and sanitized body summary where safe; - no token, Authorization header, password, Cookie, `token=`, or `access_token=` can appear in error/debug output; - tests cover 401/403/404/5xx/decode/network. #### PR 2 — Forji: preserve restore error context and improve alerts Repository: `secana/Forji` Goal: stop turning every token-only restore failure into `tokenExpired`. User-facing examples: - “Token rejected by server (401)” - “Token works but lacks permission for this action (403)” - “Token not found in device keychain” - “Server unreachable / TLS failure” - “Forgejo response could not be decoded” #### PR 3 — ForgejoKit/Forji: PAT capability checker Goal: validate what a PAT can actually do by probing safe endpoints. Suggested capabilities: - server reachability: `/api/v1/version` - identity: `/api/v1/user` - repo access: `/api/v1/repos/{owner}/{repo}` - issues read: `/api/v1/repos/{owner}/{repo}/issues?state=all&limit=1` - optional issue write: comment on an explicit test issue only after user confirmation - notifications read/write if Forji uses notification inbox Recommended mobile-triage PAT for Piotr-style operator surface: - `read:user` - `read:repository` - `read:issue` - `write:issue` - `read:notification` - add `write:notification` only if Forji marks notifications read - avoid `write:repository` unless phone must mutate repo contents / dispatch workflows #### PR 4 — Forji: Keychain v2 / stable account ID Goal: eventually move from raw `normalizedURL + username` to a stable account identity, preferably based on canonical server/base path + Forgejo `user.id`, while preserving migration from existing keychain entries. This is valuable but riskier than PR 0–3, so it should not be first. ### Product Pro Summit / operator workflow decision For demo and near-term agent workflows: - **Kan upstream** = human-readable planning / source of truth for intent and coordination. - **Forgejo Issues downstream** = executable/project trace for agents. - Use labels for state/gates: - `agent:pending-review` - `agent:needs-approval` - `agent:blocked` - `agent:ready-to-merge` - `risk:high` - `source:iskra` - `source:swarmheart` - Use issue comments for checkpoints, proof, `/accept`, `/reject`, `/retry`, `/escalate` style commands. - Use notifications/saved filters as mobile triage surface in Forji. Do **not** make Forgejo Projects API the critical path for the first demo. Treat Projects as a later optional UI layer after confirming endpoint availability in `swagger.v1.json` and Forji/ForgejoKit support. ### Coding-agent brief Goal: improve Forji/ForgejoKit for self-hosted Forgejo PAT auth on iOS with safe diagnostics, correct error classification, stable account storage, and capability validation. Non-goals: - do not add OAuth; - do not log tokens; - do not switch PAT auth from `token` to `Bearer` without evidence; - do not implement full Forgejo Projects/Kanban mutation in the first PR set; - do not add Piotr/Iskra-specific agent UI to upstream PRs. Security requirements: - never print PAT; - never include full Authorization header; - never include private issue bodies in diagnostics by default; - mutating validation checks require explicit user confirmation and should use a test issue; - diagnostics should use redacted endpoint templates and optional ephemeral HMAC token fingerprint, not raw token hashes.

codex commented

2026-05-09 22:44:22 +02:00

Collaborator

Codex status — upstream Forji PR 0

Current upstream posture: keep changes small and maintainer-friendly. Do not open the next PR until secana/Forji#29 is merged/commented on or enough time passes without maintainer response.

Status:

Opened upstream PR: https://codeberg.org/secana/Forji/pulls/29
Scope: fix multi-instance fallback keying by account (normalized serverURL + username) instead of serverURL only.
Local focused test after Xcode install: MultiInstanceManagerTests passed on iPhone 17 Pro simulator, iOS 26.4.1.
Added validation comment to the PR: https://codeberg.org/secana/Forji/pulls/29#issuecomment-14582088
Local repo state: clean branch codex/multi-instance-account-key in /Users/pd/Developer/forji-upstream.

Next prepared-but-not-published work: local ForgejoKit PR 1 sketch for typed auth/server errors. Do not publish it before maintainer signal on PR 0.

## Codex status — upstream Forji PR 0 Current upstream posture: keep changes small and maintainer-friendly. Do not open the next PR until `secana/Forji#29` is merged/commented on or enough time passes without maintainer response. Status: - Opened upstream PR: https://codeberg.org/secana/Forji/pulls/29 - Scope: fix multi-instance fallback keying by account (`normalized serverURL + username`) instead of `serverURL` only. - Local focused test after Xcode install: `MultiInstanceManagerTests` passed on iPhone 17 Pro simulator, iOS 26.4.1. - Added validation comment to the PR: https://codeberg.org/secana/Forji/pulls/29#issuecomment-14582088 - Local repo state: clean branch `codex/multi-instance-account-key` in `/Users/pd/Developer/forji-upstream`. Next prepared-but-not-published work: local ForgejoKit PR 1 sketch for typed auth/server errors. Do not publish it before maintainer signal on PR 0.

claude referenced this issue from a commit

2026-05-17 17:58:02 +02:00

docs(specs): Forji mobile PAT v0 prebuild + execution prompt (#133)

claude referenced this issue

2026-05-17 17:58:21 +02:00

docs(specs): Forji mobile PAT v0 prebuild + execution prompt (#133) #334

claude commented

2026-05-17 17:58:37 +02:00

Collaborator

Status update from claude (Earl Grey fork, Batch E) — 2026-05-17

Upstream state

PR#1 secana/ForgejoKit#3 (fix: preserve merge error context) — OPEN, awaiting maintainer. Operator-authored.
PR#2 secana/Forji#31 (refactor: use ForgejoKit error categories) — OPEN, awaiting maintainer. Operator-authored.

Prebuild for outstanding 3 upstream PRs

Spec Kit prepared at docs/specs/forji-mobile-pat-v0/ + companion execution prompt at prompts/codex-forji-mobile-pat.md — PR #334.

Three remaining upstream PR drafts from 2026-05-09 three-model synthesis:

Slice	Upstream	Goal	Tier
(a)	`secana/Forji` PR0	Multi-instance duplicate server crash	Lite
(b)	`secana/ForgejoKit` + `secana/Forji` PR3	PAT capability checker	Full
(c)	`secana/Forji` PR4	Keychain v2 / stable account ID	Full

Operator action queue

Merge PR #334 (Trivial, docs-only) to land Spec Kit + execution prompt
Once merged: codex picks up prompts/codex-forji-mobile-pat.md per dispatch pattern from #323/#324/#325
Codex prepares branches in pdurlej/Forji + pdurlej/ForgejoKit forks (both exist on codeberg)
For each slice: operator reviews diff, opens upstream PR via codeberg UI (Constitution P3 — codex does NOT auto-submit upstream)
Operator iPhone manual test before slice (c) upstream submission

Decisions to confirm before slice (b) starts

D3: test account for live capability probe — default iskra-bot@git.pdurlej.com. Override?
Q2: ForgejoKit#3 (PR#1) landing strategy — wait for upstream merge OR vendor in slice (b)? Default: wait.
Q3: codeberg PAT for codex — exists in keychain or needs creation?

After all 5 upstream PRs land

Issue #133 closed with summary + operator mobile workflow verified working on iPhone.

🍵 Batch E delivered. Returning to operator handoff.

## Status update from claude (Earl Grey fork, Batch E) — 2026-05-17 ### Upstream state - **PR#1** `secana/ForgejoKit#3` (fix: preserve merge error context) — **OPEN, awaiting maintainer**. Operator-authored. - **PR#2** `secana/Forji#31` (refactor: use ForgejoKit error categories) — **OPEN, awaiting maintainer**. Operator-authored. ### Prebuild for outstanding 3 upstream PRs Spec Kit prepared at `docs/specs/forji-mobile-pat-v0/` + companion execution prompt at `prompts/codex-forji-mobile-pat.md` — PR #334. Three remaining upstream PR drafts from 2026-05-09 three-model synthesis: | Slice | Upstream | Goal | Tier | |---|---|---|---| | (a) | `secana/Forji` PR0 | Multi-instance duplicate server crash | Lite | | (b) | `secana/ForgejoKit` + `secana/Forji` PR3 | PAT capability checker | Full | | (c) | `secana/Forji` PR4 | Keychain v2 / stable account ID | Full | ### Operator action queue 1. **Merge PR #334** (Trivial, docs-only) to land Spec Kit + execution prompt 2. Once merged: codex picks up `prompts/codex-forji-mobile-pat.md` per dispatch pattern from #323/#324/#325 3. Codex prepares branches in `pdurlej/Forji` + `pdurlej/ForgejoKit` forks (both exist on codeberg) 4. For each slice: operator reviews diff, opens upstream PR via codeberg UI (Constitution P3 — codex does NOT auto-submit upstream) 5. Operator iPhone manual test before slice (c) upstream submission ### Decisions to confirm before slice (b) starts - **D3**: test account for live capability probe — default `iskra-bot@git.pdurlej.com`. Override? - **Q2**: ForgejoKit#3 (PR#1) landing strategy — wait for upstream merge OR vendor in slice (b)? Default: wait. - **Q3**: codeberg PAT for codex — exists in keychain or needs creation? ### After all 5 upstream PRs land Issue #133 closed with summary + operator mobile workflow verified working on iPhone. --- 🍵 Batch E delivered. Returning to operator handoff.

codex added this to the 08 - Persona and OpenClaw product loops milestone

2026-05-19 08:36:31 +02:00

pdurlej referenced this issue from a commit

2026-05-23 10:31:16 +02:00

Merge pull request 'docs(specs): Forji mobile PAT v0 prebuild + execution prompt (#133)' (#334) from claude/forji-mobile-pat-prebuild into main

codex referenced this issue

2026-05-28 01:21:54 +02:00

chore(m08): select next one or two Persona/OpenClaw product loops #542

codex referenced this issue

2026-05-29 16:58:33 +02:00

chore(m08): select next one or two Persona/OpenClaw product loops #542

codex commented

2026-05-29 16:58:35 +02:00

Collaborator

Parked from M08 to M10 per Iskra supplemental triage. Mobile Forgejo UX is useful, but not current Persona/OpenClaw critical path. No runtime mutation was performed.

codex modified the milestone from 08 - Persona and OpenClaw product loops to 10 - Improvements

2026-05-29 16:58:35 +02:00

claude added the

priority:p3

label

2026-05-30 22:43:21 +02:00

claude added the

status:parked

label

2026-06-01 08:53:13 +02:00

claude commented

2026-06-01 08:53:14 +02:00

Collaborator

Parked (p3, M10 closure plan #653 + Judging Claw priority). Reactivate when mobile Forgejo (Forji iOS) access is prioritized.

**Parked (p3, M10 closure plan #653 + Judging Claw priority).** Reactivate when mobile Forgejo (Forji iOS) access is prioritized.

Iskra commented

2026-06-08 03:02:45 +02:00

Author

Collaborator

{
"confidence": 4,
"effort_hint": "medium",
"escalation": {
"kind": "none",
"reason": ""
},
"evidence_refs": [
{
"note": "Issue investigates Forji iOS Forgejo PAT auth and possible upstream fixes.",
"type": "forgejo",
"value": "issue-title-body-labels-and-target-snapshot"
},
{
"note": "Body frames mobile Forgejo access as useful for operator triage, approvals, and demos.",
"type": "forgejo",
"value": "issue-body-platform-relevance"
},
{
"note": "Snapshot labels mark the issue as priority p3 and parked.",
"type": "snapshot",
"value": "target-snapshot-labels"
}
],
"impact": 2,
"judge_actor": {
"name": "iskra",
"runtime": "openclaw"
},
"judged_at": "2026-06-08T01:02:00Z",
"labels_to_apply": [
"judge/p3"
],
"piotr_fit": "medium",
"priority": "p3",
"rationale_summary": "This is P3 observe work because reliable mobile Forgejo access is useful but currently parked behind higher-priority platform safety work.",
"reach": 3,
"recommended_next_action": "observe",
"rerun_reason": "no_prior_judgment",
"schema": "openclaw.judge.v0",
"target": {
"kind": "issue",
"number": 133,
"repo": "pdurlej/platform"
},
"target_snapshot": {
"body_hash": "sha256:c4ef3c0f62acd75506d865795e46ebdce4ff134c77df4984d90dff2a2ebafd0f",
"commit_count": null,
"evidence_hash": "sha256:d0d5124daabadac765996b1ea04974ce348a81a17964616a6f90b8f93c497312",
"head_sha": null,
"labels": [
"priority:p3",
"status:parked"
],
"labels_hash": "sha256:70bfe69a42f166841b4645bc96bcb858084f4174783502fb4cef5ef76e679e84",
"state": "open",
"title_hash": "sha256:a8c9710c1667a0b5a510be72e86d3db49633fc5687fec297e3cf04cb2b730737",
"updated_at": "2026-06-01T08:53:14+02:00"
},
"top_caveat": "Do not let mobile-client debugging displace core agent-access and approval-boundary work."
}

{ "confidence": 4, "effort_hint": "medium", "escalation": { "kind": "none", "reason": "" }, "evidence_refs": [ { "note": "Issue investigates Forji iOS Forgejo PAT auth and possible upstream fixes.", "type": "forgejo", "value": "issue-title-body-labels-and-target-snapshot" }, { "note": "Body frames mobile Forgejo access as useful for operator triage, approvals, and demos.", "type": "forgejo", "value": "issue-body-platform-relevance" }, { "note": "Snapshot labels mark the issue as priority p3 and parked.", "type": "snapshot", "value": "target-snapshot-labels" } ], "impact": 2, "judge_actor": { "name": "iskra", "runtime": "openclaw" }, "judged_at": "2026-06-08T01:02:00Z", "labels_to_apply": [ "judge/p3" ], "piotr_fit": "medium", "priority": "p3", "rationale_summary": "This is P3 observe work because reliable mobile Forgejo access is useful but currently parked behind higher-priority platform safety work.", "reach": 3, "recommended_next_action": "observe", "rerun_reason": "no_prior_judgment", "schema": "openclaw.judge.v0", "target": { "kind": "issue", "number": 133, "repo": "pdurlej/platform" }, "target_snapshot": { "body_hash": "sha256:c4ef3c0f62acd75506d865795e46ebdce4ff134c77df4984d90dff2a2ebafd0f", "commit_count": null, "evidence_hash": "sha256:d0d5124daabadac765996b1ea04974ce348a81a17964616a6f90b8f93c497312", "head_sha": null, "labels": [ "priority:p3", "status:parked" ], "labels_hash": "sha256:70bfe69a42f166841b4645bc96bcb858084f4174783502fb4cef5ef76e679e84", "state": "open", "title_hash": "sha256:a8c9710c1667a0b5a510be72e86d3db49633fc5687fec297e3cf04cb2b730737", "updated_at": "2026-06-01T08:53:14+02:00" }, "top_caveat": "Do not let mobile-client debugging displace core agent-access and approval-boundary work." }

Iskra added the

judge/p3

label

2026-06-08 03:02:45 +02:00