fix: merge repo_update — add archived+template, keep default_branch+confirm from main

feat(repo_update): tool for archiving + metadata patches
Adds a repo_update tool exposing PATCH /api/v1/repos/{owner}/{name} with optional pointer fields (archived, description, private, website, template). Only fields set by the caller are sent on the wire, so the server patches exactly what was asked for. Originally needed to archive ingestion-svc cleanly instead of leaving a README tombstone, and to flip template-go-{agent,web} to template=true so create_project_from_template stops failing the "is not marked as template" guard. Wire-level enforcement of "at least one field" returns ErrValidation before any network call, preventing no-op PATCHes. private=false (making a repo public) is allowed but flagged in the tool description with a "verify intent before calling" warning. The earlier issue draft suggested an ntfy confirmation hook for that path — out of scope for this PR; the warning string is the minimum that fits inside the tool surface today. Wires NewRepoUpdate into cmd/gitea-mcp/main.go alongside the rest of the repo_* family. Closes #12
2026-05-16 21:17:40 +00:00 · 2026-05-16 23:01:33 +02:00 · 2026-05-16 23:01:28 +02:00 · 2026-05-16 23:01:18 +02:00 · 2026-05-16 23:00:23 +02:00
27 changed files with 283 additions and 1323 deletions
--- a/.aider.conventions.md
+++ b/.aider.conventions.md
@@ -36,9 +36,6 @@ These rules apply to every task across every project, regardless of harness.
 4. **Goal-driven execution.** Define clear success criteria up front for every task.
   Loop — implement, verify, refine — until those criteria are met. Don't claim
   completion without evidence (tests pass, command output, observed behavior).
 5. **Branch-per-task for multi-agent repos.** When another agent may be active on
   the same repo, create a branch (`agent/<description>`), commit there, and open a
   PR. Do not merge without explicit instruction from Mathias.
 ## Default stack
@@ -52,7 +49,6 @@ These rules apply to every task across every project, regardless of harness.
 | Search | pgvector (vector), BM25 | Qdrant (when >1M vectors or hybrid retrieval) | — |
 | Logging | slog (structured) | — | — |
 | Testing | Table-driven, testify | — | — |
 | Agents (Go) | google.golang.org/adk + pkg/litellm adapter | — | — |
 Exploratory: Rust, Zig — I'll tell you when I want these.
@@ -64,7 +60,7 @@ Exploratory: Rust, Zig — I'll tell you when I want these.
 - **Architecture**: prefer stdlib over frameworks, constructor injection, env-var config parsed into typed structs
 - **Git**: conventional commits (`feat:`, `fix:`, `chore:`), one concern per PR, PR describes *why* not *what*
 - **Security**: no secrets in code, govulncheck before adding deps, SOPS for encrypted config
- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc, google.golang.org/adk (agent projects only) are pre-approved; anything else needs justification in the commit message
+- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc are pre-approved; anything else needs justification in the commit message
 ## Infrastructure
@@ -252,67 +248,3 @@ When acting as a coding agent on this project:
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
--- a/.context/PROJECT.md
+++ b/.context/PROJECT.md
@@ -77,67 +77,3 @@ When acting as a coding agent on this project:
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
--- a/.context/system-prompt.txt
+++ b/.context/system-prompt.txt
@@ -41,9 +41,6 @@ These rules apply to every task across every project, regardless of harness.
 4. **Goal-driven execution.** Define clear success criteria up front for every task.
   Loop — implement, verify, refine — until those criteria are met. Don't claim
   completion without evidence (tests pass, command output, observed behavior).
 5. **Branch-per-task for multi-agent repos.** When another agent may be active on
   the same repo, create a branch (`agent/<description>`), commit there, and open a
   PR. Do not merge without explicit instruction from Mathias.
 ## Default stack
@@ -57,7 +54,6 @@ These rules apply to every task across every project, regardless of harness.
 | Search | pgvector (vector), BM25 | Qdrant (when >1M vectors or hybrid retrieval) | — |
 | Logging | slog (structured) | — | — |
 | Testing | Table-driven, testify | — | — |
 | Agents (Go) | google.golang.org/adk + pkg/litellm adapter | — | — |
 Exploratory: Rust, Zig — I'll tell you when I want these.
@@ -69,7 +65,7 @@ Exploratory: Rust, Zig — I'll tell you when I want these.
 - **Architecture**: prefer stdlib over frameworks, constructor injection, env-var config parsed into typed structs
 - **Git**: conventional commits (`feat:`, `fix:`, `chore:`), one concern per PR, PR describes *why* not *what*
 - **Security**: no secrets in code, govulncheck before adding deps, SOPS for encrypted config
- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc, google.golang.org/adk (agent projects only) are pre-approved; anything else needs justification in the commit message
+- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc are pre-approved; anything else needs justification in the commit message
 ## Infrastructure
@@ -258,68 +254,4 @@ When acting as a coding agent on this project:
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
 ---
--- a/.cursorrules
+++ b/.cursorrules
@@ -39,9 +39,6 @@ These rules apply to every task across every project, regardless of harness.
 4. **Goal-driven execution.** Define clear success criteria up front for every task.
   Loop — implement, verify, refine — until those criteria are met. Don't claim
   completion without evidence (tests pass, command output, observed behavior).
 5. **Branch-per-task for multi-agent repos.** When another agent may be active on
   the same repo, create a branch (`agent/<description>`), commit there, and open a
   PR. Do not merge without explicit instruction from Mathias.
 ## Default stack
@@ -55,7 +52,6 @@ These rules apply to every task across every project, regardless of harness.
 | Search | pgvector (vector), BM25 | Qdrant (when >1M vectors or hybrid retrieval) | — |
 | Logging | slog (structured) | — | — |
 | Testing | Table-driven, testify | — | — |
 | Agents (Go) | google.golang.org/adk + pkg/litellm adapter | — | — |
 Exploratory: Rust, Zig — I'll tell you when I want these.
@@ -67,7 +63,7 @@ Exploratory: Rust, Zig — I'll tell you when I want these.
 - **Architecture**: prefer stdlib over frameworks, constructor injection, env-var config parsed into typed structs
 - **Git**: conventional commits (`feat:`, `fix:`, `chore:`), one concern per PR, PR describes *why* not *what*
 - **Security**: no secrets in code, govulncheck before adding deps, SOPS for encrypted config
- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc, google.golang.org/adk (agent projects only) are pre-approved; anything else needs justification in the commit message
+- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc are pre-approved; anything else needs justification in the commit message
 ## Infrastructure
@@ -255,67 +251,3 @@ When acting as a coding agent on this project:
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -36,9 +36,6 @@ These rules apply to every task across every project, regardless of harness.
 4. **Goal-driven execution.** Define clear success criteria up front for every task.
   Loop — implement, verify, refine — until those criteria are met. Don't claim
   completion without evidence (tests pass, command output, observed behavior).
 5. **Branch-per-task for multi-agent repos.** When another agent may be active on
   the same repo, create a branch (`agent/<description>`), commit there, and open a
   PR. Do not merge without explicit instruction from Mathias.
 ## Default stack
@@ -52,7 +49,6 @@ These rules apply to every task across every project, regardless of harness.
 | Search | pgvector (vector), BM25 | Qdrant (when >1M vectors or hybrid retrieval) | — |
 | Logging | slog (structured) | — | — |
 | Testing | Table-driven, testify | — | — |
 | Agents (Go) | google.golang.org/adk + pkg/litellm adapter | — | — |
 Exploratory: Rust, Zig — I'll tell you when I want these.
@@ -64,7 +60,7 @@ Exploratory: Rust, Zig — I'll tell you when I want these.
 - **Architecture**: prefer stdlib over frameworks, constructor injection, env-var config parsed into typed structs
 - **Git**: conventional commits (`feat:`, `fix:`, `chore:`), one concern per PR, PR describes *why* not *what*
 - **Security**: no secrets in code, govulncheck before adding deps, SOPS for encrypted config
- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc, google.golang.org/adk (agent projects only) are pre-approved; anything else needs justification in the commit message
+- **Dependencies**: prefer stdlib. testify, slog, templ, sqlc are pre-approved; anything else needs justification in the commit message
 ## Infrastructure
@@ -252,67 +248,3 @@ When acting as a coding agent on this project:
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -77,67 +77,3 @@ When acting as a coding agent on this project:
 4. Never modify files outside the project root without explicit permission
 5. When adding a dependency, explain why in the commit message
 6. For client projects: never send code or context to cloud APIs — use local models via LiteLLM
 ## Current sprint — gitea-mcp v0.2 (2026-05-14)
 ### Context
 This sprint implements new MCP tools needed for `hyperguild new-project` —
 the automated project creation flow triggered from claude.ai. See brain knowledge
 nodes `adr-new-project-gitea-first-github-mirror` and `roadmap-github-ingestion-pipeline`
 for full background.
 ### Issues to implement (priority order)
 **Batch 1 — blockers (do first, one PR: `feat/repo-crud`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #13 | `repo_create` | POST /api/v1/user/repos or /api/v1/orgs/{org}/repos |
 | #16 | `repo_mirror_push` (add/list/delete) | POST/GET/DELETE /api/v1/repos/{owner}/{repo}/push_mirrors |
 | #12 | `repo_update` | PATCH /api/v1/repos/{owner}/{repo} |
 **Batch 2 — quality of life (second PR: `feat/repo-ux`)**
 | Issue | Tool | Gitea API |
 |-------|------|-----------|
 | #15 | `file_read` dir-path fix | existing endpoint, detect array vs object response |
 | #14 | `repo_tree` | GET /api/v1/repos/{owner}/{repo}/git/trees/{sha}?recursive=true |
 | #18 | `repo_topics_update` | PUT /api/v1/repos/{owner}/{repo}/topics |
 **Batch 3 — can wait**
 | Issue | Tool | Note |
 |-------|------|------|
 | #11 | `repo_delete` | HIGH risk — needs `confirm` param == repo name |
 | #17 | `release_create` | POST /api/v1/repos/{owner}/{repo}/releases |
 ### How to add a tool (pattern)
 Every tool = 4 files following `internal/tools/repo_get.go` exactly:
 1. `internal/gitea/<domain>.go` — API client method (use PostJSON/PatchJSON/DeleteJSON)
 2. `internal/tools/repo_<name>.go` — tool handler with Descriptor() + Call()
 3. `internal/tools/repo_<name>_test.go` — table-driven tests with httptest.NewServer
 4. Registration in main — find where `NewRepoGet` is registered, add new tool same place
 Key rules:
 - Always call `t.a.Check(args.Owner)` before any API call (allowlist guard)
 - Use `textOK(result)` for success output
 - For `repo_mirror_push`: NEVER log or return `remote_password` in any output
 - For `repo_update` with `private: false` and `repo_delete`: require `confirm` param == repo name
 ### Token permissions needed
 New tools require these additional Gitea token scopes:
 - `write:repository` — repo_create, repo_update, repo_mirror_push, repo_topics_update, release_create
 - `delete_repo` — repo_delete
 Check current token: `curl -H "Authorization: token $GITEA_TOKEN" https://gitea.d-ma.be/api/v1/user`
 If scopes are missing, update token in Gitea settings before running tests.
 ### Definition of done
 - `task check` passes (all tools, all batches)
 - Each new tool manually callable via `claude mcp call`
 - PR #1 (batch 1) merged before starting batch 2
 - Issue #19 (mirror flow e2e test) verified manually after batch 1 is deployed
--- a/cmd/gitea-mcp/main.go
+++ b/cmd/gitea-mcp/main.go
@@ -40,6 +40,7 @@ func main() {
 	reg.Register(tools.NewRepoGet(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoSearch(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoStatus(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoUpdate(giteaClient, ownerAllow))
 	reg.Register(tools.NewFileRead(giteaClient, ownerAllow))
 	reg.Register(tools.NewFileWriteBranch(giteaClient, ownerAllow))
 	reg.Register(tools.NewFileDelete(giteaClient, ownerAllow))
@@ -60,11 +61,6 @@ func main() {
 	reg.Register(tools.NewIssueComment(giteaClient, ownerAllow))
 	reg.Register(tools.NewCreateProjectFromTemplate(giteaClient, ownerAllow, "mathias", "template-go-web"))
 	reg.Register(tools.NewTagCreate(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoCreate(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoUpdate(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoMirrorPush(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoTree(giteaClient, ownerAllow))
 	reg.Register(tools.NewRepoTopicsUpdate(giteaClient, ownerAllow))
 	mcpSrv := mcp.NewServer(mcp.ServerOptions{
 		Registry: reg,
--- a/internal/gitea/files.go
+++ b/internal/gitea/files.go
@@ -27,10 +27,6 @@ func (c *Client) GetFileContents(ctx context.Context, owner, repo, path, ref str
 	if err := MapStatus(status, body); err != nil {
 		return nil, err
 	}
 	// Array response means path is a directory — guide caller to dir_list.
 	if len(body) > 0 && body[0] == '[' {
 		return nil, fmt.Errorf("%w: path %q is a directory, not a file — use dir_list", ErrValidation, path)
 	}
 	var fc FileContents
 	if err := json.Unmarshal(body, &fc); err != nil {
 		return nil, err
--- a/internal/gitea/mirrors.go
+++ b/internal/gitea/mirrors.go
@@ -1,71 +0,0 @@
 package gitea
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 )
 type PushMirror struct {
 	ID            int    `json:"id"`
 	RemoteName    string `json:"remote_name"`
 	RemoteAddress string `json:"remote_address"`
 	Interval      string `json:"interval"`
 	SyncOnCommit  bool   `json:"sync_on_commit"`
 }
 type AddPushMirrorArgs struct {
 	RemoteAddress  string `json:"remote_address"`
 	RemoteUsername string `json:"remote_username,omitempty"`
 	RemotePassword string `json:"remote_password,omitempty"`
 	Interval       string `json:"interval,omitempty"`
 	SyncOnCommit   bool   `json:"sync_on_commit,omitempty"`
 }
 func (c *Client) AddPushMirror(ctx context.Context, owner, repo string, args AddPushMirrorArgs) (*PushMirror, error) {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s/push_mirrors", owner, repo)
 	body, err := json.Marshal(args)
 	if err != nil {
 		return nil, err
 	}
 	resp, status, err := c.PostJSON(ctx, path, body)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, resp); err != nil {
 		return nil, err
 	}
 	var m PushMirror
 	if err := json.Unmarshal(resp, &m); err != nil {
 		return nil, err
 	}
 	return &m, nil
 }
 func (c *Client) ListPushMirrors(ctx context.Context, owner, repo string) ([]PushMirror, error) {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s/push_mirrors", owner, repo)
 	resp, status, err := c.GetJSON(ctx, path)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, resp); err != nil {
 		return nil, err
 	}
 	var mirrors []PushMirror
 	if err := json.Unmarshal(resp, &mirrors); err != nil {
 		return nil, err
 	}
 	return mirrors, nil
 }
 func (c *Client) DeletePushMirror(ctx context.Context, owner, repo, mirrorName string) error {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s/push_mirrors/%s", owner, repo, mirrorName)
 	resp, status, err := c.DeleteJSON(ctx, path)
 	if err != nil {
 		return err
 	}
 	if status == 204 {
 		return nil
 	}
 	return MapStatus(status, resp)
 }
--- a/internal/gitea/mirrors_test.go
+++ b/internal/gitea/mirrors_test.go
@@ -1,64 +0,0 @@
 package gitea_test
 import (
 	"context"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestAddPushMirror(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPost, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"id":1,"remote_name":"mirror-github","remote_address":"https://github.com/mathias/infra.git","interval":"8h0m0s","sync_on_commit":true}`))
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	m, err := c.AddPushMirror(context.Background(), "mathias", "infra", gitea.AddPushMirrorArgs{
 		RemoteAddress:  "https://github.com/mathias/infra.git",
 		RemoteUsername: "mathias",
 		RemotePassword: "secret",
 		Interval:       "8h0m0s",
 		SyncOnCommit:   true,
 	})
 	require.NoError(t, err)
 	assert.Equal(t, "mirror-github", m.RemoteName)
 	assert.Equal(t, "https://github.com/mathias/infra.git", m.RemoteAddress)
 }
 func TestListPushMirrors(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodGet, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`[{"id":1,"remote_name":"mirror-github","remote_address":"https://github.com/mathias/infra.git","interval":"8h0m0s","sync_on_commit":true}]`))
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	mirrors, err := c.ListPushMirrors(context.Background(), "mathias", "infra")
 	require.NoError(t, err)
 	require.Len(t, mirrors, 1)
 	assert.Equal(t, "mirror-github", mirrors[0].RemoteName)
 }
 func TestDeletePushMirror(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodDelete, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors/mirror-github", r.URL.Path)
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	err := c.DeletePushMirror(context.Background(), "mathias", "infra", "mirror-github")
 	require.NoError(t, err)
 }
--- a/internal/gitea/repos.go
+++ b/internal/gitea/repos.go
@@ -18,56 +18,6 @@ type Repo struct {
 	Template      bool   `json:"template"`
 }
 type TreeEntry struct {
 	Path string `json:"path"`
 	Type string `json:"type"` // "blob" or "tree"
 	SHA  string `json:"sha"`
 	Size int64  `json:"size"`
 	URL  string `json:"url"`
 }
 type Tree struct {
 	SHA       string      `json:"sha"`
 	URL       string      `json:"url"`
 	Tree      []TreeEntry `json:"tree"`
 	Truncated bool        `json:"truncated"`
 }
 func (c *Client) GetTree(ctx context.Context, owner, repo, ref string, recursive bool) (*Tree, error) {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s/git/trees/%s", owner, repo, url.PathEscape(ref))
 	if recursive {
 		path += "?recursive=1"
 	}
 	body, status, err := c.GetJSON(ctx, path)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, body); err != nil {
 		return nil, err
 	}
 	var t Tree
 	if err := json.Unmarshal(body, &t); err != nil {
 		return nil, err
 	}
 	return &t, nil
 }
 func (c *Client) UpdateTopics(ctx context.Context, owner, repo string, topics []string) error {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s/topics", owner, repo)
 	body, err := json.Marshal(map[string][]string{"topics": topics})
 	if err != nil {
 		return err
 	}
 	resp, status, err := c.PutJSON(ctx, path, body)
 	if err != nil {
 		return err
 	}
 	if status == 204 {
 		return nil
 	}
 	return MapStatus(status, resp)
 }
 func (c *Client) ListRepos(ctx context.Context, owner string, page, limit int) ([]Repo, error) {
 	if page < 1 {
 		page = 1
@@ -121,70 +71,6 @@ func (c *Client) SearchRepos(ctx context.Context, q, owner string, page, limit i
 	return env.Data, nil
 }
 type CreateRepoArgs struct {
 	Name          string `json:"name"`
 	Description   string `json:"description,omitempty"`
 	Private       bool   `json:"private,omitempty"`
 	AutoInit      bool   `json:"auto_init,omitempty"`
 	DefaultBranch string `json:"default_branch,omitempty"`
 	// Org, when non-empty, creates the repo under the named organisation.
 	// Uses POST /api/v1/orgs/{org}/repos instead of /api/v1/user/repos.
 	Org string `json:"-"`
 }
 func (c *Client) CreateRepo(ctx context.Context, args CreateRepoArgs) (*Repo, error) {
 	var path string
 	if args.Org != "" {
 		path = fmt.Sprintf("/api/v1/orgs/%s/repos", args.Org)
 	} else {
 		path = "/api/v1/user/repos"
 	}
 	body, err := json.Marshal(args)
 	if err != nil {
 		return nil, err
 	}
 	resp, status, err := c.PostJSON(ctx, path, body)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, resp); err != nil {
 		return nil, err
 	}
 	var r Repo
 	if err := json.Unmarshal(resp, &r); err != nil {
 		return nil, err
 	}
 	return &r, nil
 }
 // UpdateRepoArgs uses pointers so omitempty can distinguish "not set" from false/zero.
 type UpdateRepoArgs struct {
 	Description   *string `json:"description,omitempty"`
 	Private       *bool   `json:"private,omitempty"`
 	Website       *string `json:"website,omitempty"`
 	DefaultBranch *string `json:"default_branch,omitempty"`
 }
 func (c *Client) UpdateRepo(ctx context.Context, owner, name string, args UpdateRepoArgs) (*Repo, error) {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s", owner, name)
 	body, err := json.Marshal(args)
 	if err != nil {
 		return nil, err
 	}
 	resp, status, err := c.PatchJSON(ctx, path, body)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, resp); err != nil {
 		return nil, err
 	}
 	var r Repo
 	if err := json.Unmarshal(resp, &r); err != nil {
 		return nil, err
 	}
 	return &r, nil
 }
 func (c *Client) GetRepo(ctx context.Context, owner, name string) (*Repo, error) {
 	path := fmt.Sprintf("/api/v1/repos/%s/%s", owner, name)
 	body, status, err := c.GetJSON(ctx, path)
@@ -200,3 +86,34 @@ func (c *Client) GetRepo(ctx context.Context, owner, name string) (*Repo, error)
 	}
 	return &r, nil
 }
 // EditRepoArgs carries optional fields for PATCH /api/v1/repos/{owner}/{name}.
 // Pointer fields let the caller omit unset values from the wire payload, so the
 // server only patches what was explicitly requested.
 type EditRepoArgs struct {
 	Archived    *bool   `json:"archived,omitempty"`
 	Description *string `json:"description,omitempty"`
 	Private     *bool   `json:"private,omitempty"`
 	Website     *string `json:"website,omitempty"`
 	Template    *bool   `json:"template,omitempty"`
 }
 func (c *Client) EditRepo(ctx context.Context, owner, name string, args EditRepoArgs) (*Repo, error) {
 	body, err := json.Marshal(args)
 	if err != nil {
 		return nil, fmt.Errorf("marshal edit args: %w", err)
 	}
 	path := fmt.Sprintf("/api/v1/repos/%s/%s", owner, name)
 	resp, status, err := c.PatchJSON(ctx, path, body)
 	if err != nil {
 		return nil, err
 	}
 	if err := MapStatus(status, resp); err != nil {
 		return nil, err
 	}
 	var r Repo
 	if err := json.Unmarshal(resp, &r); err != nil {
 		return nil, err
 	}
 	return &r, nil
 }
--- a/internal/gitea/repos_test.go
+++ b/internal/gitea/repos_test.go
@@ -47,95 +47,6 @@ func TestListRepos(t *testing.T) {
 	assert.Equal(t, "main", repos[0].DefaultBranch)
 }
 func TestCreateRepo_User(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPost, r.Method)
 		assert.Equal(t, "/api/v1/user/repos", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"name":"infra","full_name":"mathias/infra","default_branch":"main","private":true,"clone_url":"https://gitea.example.com/mathias/infra.git","html_url":"https://gitea.example.com/mathias/infra"}`))
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	r, err := c.CreateRepo(context.Background(), gitea.CreateRepoArgs{
 		Name:    "infra",
 		Private: true,
 	})
 	require.NoError(t, err)
 	assert.Equal(t, "mathias/infra", r.FullName)
 	assert.Equal(t, "main", r.DefaultBranch)
 }
 func TestCreateRepo_Org(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPost, r.Method)
 		assert.Equal(t, "/api/v1/orgs/hyperguild/repos", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"name":"infra","full_name":"hyperguild/infra","default_branch":"main","private":false,"clone_url":"https://gitea.example.com/hyperguild/infra.git","html_url":"https://gitea.example.com/hyperguild/infra"}`))
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	r, err := c.CreateRepo(context.Background(), gitea.CreateRepoArgs{
 		Name:  "infra",
 		Org:   "hyperguild",
 	})
 	require.NoError(t, err)
 	assert.Equal(t, "hyperguild/infra", r.FullName)
 }
 func TestUpdateRepo(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPatch, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`{"name":"infra","full_name":"mathias/infra","default_branch":"main","description":"updated","private":false,"clone_url":"https://gitea.example.com/mathias/infra.git","html_url":"https://gitea.example.com/mathias/infra"}`))
 	}))
 	defer srv.Close()
 	desc := "updated"
 	c := gitea.NewClient(srv.URL, "tok")
 	r, err := c.UpdateRepo(context.Background(), "mathias", "infra", gitea.UpdateRepoArgs{
 		Description: &desc,
 	})
 	require.NoError(t, err)
 	assert.Equal(t, "updated", r.Description)
 }
 func TestGetTree(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, "/api/v1/repos/mathias/infra/git/trees/main", r.URL.Path)
 		assert.Equal(t, "1", r.URL.Query().Get("recursive"))
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`{"sha":"abc","url":"http://x","tree":[{"path":"README.md","type":"blob","sha":"def","size":13},{"path":"internal","type":"tree","sha":"ghi"}],"truncated":false}`))
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	tree, err := c.GetTree(context.Background(), "mathias", "infra", "main", true)
 	require.NoError(t, err)
 	assert.Equal(t, "abc", tree.SHA)
 	require.Len(t, tree.Tree, 2)
 	assert.Equal(t, "README.md", tree.Tree[0].Path)
 	assert.Equal(t, "blob", tree.Tree[0].Type)
 	assert.Equal(t, int64(13), tree.Tree[0].Size)
 }
 func TestUpdateTopics(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPut, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/topics", r.URL.Path)
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer srv.Close()
 	c := gitea.NewClient(srv.URL, "tok")
 	err := c.UpdateTopics(context.Background(), "mathias", "infra", []string{"go", "mcp", "gitops"})
 	require.NoError(t, err)
 }
 func TestDefaultBranchCachesAcrossCalls(t *testing.T) {
 	var hits int32
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
--- a/internal/tools/create_project_from_template.go
+++ b/internal/tools/create_project_from_template.go
@@ -45,14 +45,15 @@ func NewCreateProjectFromTemplate(c *gitea.Client, a *allowlist.Allowlist, tmplO
 func (t *CreateProjectFromTemplate) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
 		Name:        "create_project_from_template",
-		Description: "Create a new project repo from the template, applying placeholder substitutions to known files.",
+		Description: "Create a new project repo from a template, applying placeholder substitutions to known files. Defaults to the server-configured template; pass template_name to override (e.g. template-go-agent).",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string"},
 				"name":{"type":"string","pattern":"^[a-z][a-z0-9-]{1,38}[a-z0-9]$"},
 				"description":{"type":"string"},
-				"private":{"type":"boolean"}
+				"private":{"type":"boolean"},
 				"template_name":{"type":"string","description":"Template repo name to generate from. Defaults to the server-configured template."}
 			},
 			"required":["owner","name"]
 		}`),
@@ -60,10 +61,11 @@ func (t *CreateProjectFromTemplate) Descriptor() registry.ToolDescriptor {
 }
 type createProjectArgs struct {
-	Owner       string `json:"owner"`
+	Owner        string `json:"owner"`
-	Name        string `json:"name"`
+	Name         string `json:"name"`
-	Description string `json:"description"`
+	Description  string `json:"description"`
-	Private     bool   `json:"private"`
+	Private      bool   `json:"private"`
 	TemplateName string `json:"template_name"`
 }
 type createProjectResult struct {
@@ -91,13 +93,20 @@ func (t *CreateProjectFromTemplate) Call(ctx context.Context, raw json.RawMessag
 		return nil, fmt.Errorf("name %q does not match pattern %s: %w", args.Name, nameRe.String(), gitea.ErrValidation)
 	}
 	// Resolve template: per-call override takes precedence over the
 	// server-configured default. Owner stays server-configured.
 	tmplName := args.TemplateName
 	if tmplName == "" {
 		tmplName = t.templateName
 	}
 	// Verify template exists and is marked as a template repo.
-	tmpl, err := t.c.GetRepo(ctx, t.templateOwner, t.templateName)
+	tmpl, err := t.c.GetRepo(ctx, t.templateOwner, tmplName)
 	if err != nil {
 		return nil, fmt.Errorf("template lookup: %w", err)
 	}
 	if !tmpl.Template {
-		return nil, fmt.Errorf("repo %s/%s is not marked as template: %w", t.templateOwner, t.templateName, gitea.ErrValidation)
+		return nil, fmt.Errorf("repo %s/%s is not marked as template: %w", t.templateOwner, tmplName, gitea.ErrValidation)
 	}
 	// Verify destination doesn't already exist.
@@ -108,7 +117,7 @@ func (t *CreateProjectFromTemplate) Call(ctx context.Context, raw json.RawMessag
 	}
 	// Generate repo from template.
-	newRepo, err := t.c.GenerateFromTemplate(ctx, t.templateOwner, t.templateName, gitea.GenerateFromTemplateArgs{
+	newRepo, err := t.c.GenerateFromTemplate(ctx, t.templateOwner, tmplName, gitea.GenerateFromTemplateArgs{
 		Owner:       args.Owner,
 		Name:        args.Name,
 		Description: args.Description,
--- a/internal/tools/create_project_from_template_test.go
+++ b/internal/tools/create_project_from_template_test.go
@@ -122,6 +122,62 @@ func TestCreateProjectHappyPath(t *testing.T) {
 	assert.Empty(t, out.PartialFailure)
 }
 // TestCreateProjectTemplateNameOverride (issue #24): per-call template_name overrides the
 // server-configured default, so the same binary can generate from template-go-web or
 // template-go-agent without restart.
 func TestCreateProjectTemplateNameOverride(t *testing.T) {
 	var templateLookups, generateCalls []string
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "application/json")
 		switch {
 		case r.Method == http.MethodGet && r.URL.Path == "/api/v1/repos/mathias/template-go-agent":
 			templateLookups = append(templateLookups, "template-go-agent")
 			_, _ = w.Write([]byte(newTemplateRepoJSON("template-go-agent", true)))
 		case r.Method == http.MethodGet && r.URL.Path == "/api/v1/repos/mathias/template-go-web":
 			templateLookups = append(templateLookups, "template-go-web")
 			_, _ = w.Write([]byte(newTemplateRepoJSON("template-go-web", true)))
 		case r.Method == http.MethodGet && r.URL.Path == "/api/v1/repos/mathias/new-agent":
 			w.WriteHeader(http.StatusNotFound)
 			_, _ = w.Write([]byte(`{"message":"not found"}`))
 		case r.Method == http.MethodPost && strings.HasSuffix(r.URL.Path, "/generate"):
 			generateCalls = append(generateCalls, r.URL.Path)
 			w.WriteHeader(http.StatusCreated)
 			_, _ = w.Write([]byte(newGeneratedRepoJSON("new-agent")))
 		case r.Method == http.MethodGet && strings.HasPrefix(r.URL.Path, "/api/v1/repos/mathias/new-agent/contents/"):
 			filePath := strings.TrimPrefix(r.URL.Path, "/api/v1/repos/mathias/new-agent/contents/")
 			_, _ = w.Write([]byte(fileContentsJSON(filePath)))
 		case r.Method == http.MethodPut && strings.HasPrefix(r.URL.Path, "/api/v1/repos/mathias/new-agent/contents/"):
 			filePath := strings.TrimPrefix(r.URL.Path, "/api/v1/repos/mathias/new-agent/contents/")
 			w.WriteHeader(http.StatusOK)
 			_, _ = w.Write([]byte(fileWriteResultJSON(filePath)))
 		default:
 			t.Errorf("unexpected request: %s %s", r.Method, r.URL.Path)
 			w.WriteHeader(http.StatusNotFound)
 		}
 	}))
 	defer srv.Close()
 	// Server is configured with template-go-web as the default; call overrides to template-go-agent.
 	tool := newCreateProjectTool(srv.URL)
 	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"new-agent","template_name":"template-go-agent"}`,
 	))
 	require.NoError(t, err)
 	assert.Equal(t, []string{"template-go-agent"}, templateLookups,
 		"override must direct the template lookup, not the server default")
 	require.Len(t, generateCalls, 1)
 	assert.Equal(t, "/api/v1/repos/mathias/template-go-agent/generate", generateCalls[0],
 		"override must direct the /generate call too")
 }
 // TestCreateProjectNameRegexFailure: invalid name returns ErrValidation without hitting network.
 func TestCreateProjectNameRegexFailure(t *testing.T) {
 	tool := tools.NewCreateProjectFromTemplate(
--- a/internal/tools/file_read_test.go
+++ b/internal/tools/file_read_test.go
@@ -57,21 +57,6 @@ func TestFileReadToolDefaultBranchResolution(t *testing.T) {
 	assert.Equal(t, "main", result["ref"])
 }
 func TestFileReadOnDirReturnsDescriptiveError(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// Gitea returns an array when path is a directory
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`[{"name":"README.md","path":"internal/README.md","type":"file","sha":"abc"}]`))
 	}))
 	defer srv.Close()
 	tool := tools.NewFileRead(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","path":"internal","ref":"main"}`))
 	require.Error(t, err)
 	assert.Contains(t, err.Error(), "directory")
 	assert.Contains(t, err.Error(), "dir_list")
 }
 func TestFileReadAllowlistRejects(t *testing.T) {
 	tool := tools.NewFileRead(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"infra","path":"README.md"}`))
--- a/internal/tools/pr_files_diff.go
+++ b/internal/tools/pr_files_diff.go
@@ -143,7 +143,13 @@ func splitUnifiedDiff(d []byte) map[string][]byte {
 	flush := func() {
 		if currentFile != "" {
-			m[currentFile] = current.Bytes()
+			// Copy: bytes.Buffer.Bytes() returns the internal slice,
 			// which Reset() then reuses. Without the copy, every map
 			// entry ends up aliased to the last file's data.
 			b := current.Bytes()
 			cp := make([]byte, len(b))
 			copy(cp, b)
 			m[currentFile] = cp
 			current.Reset()
 		}
 	}
--- a/internal/tools/pr_files_diff_test.go
+++ b/internal/tools/pr_files_diff_test.go
@@ -97,6 +97,47 @@ func TestPRFilesDiffSmall(t *testing.T) {
 	assert.ElementsMatch(t, fileNames, paths)
 }
 // Regression for issue #25: every file's diff entry must contain its OWN diff,
 // not a shared buffer pointing at the last file. Prior bug: splitUnifiedDiff
 // flushed bytes.Buffer.Bytes() into the map without copying, so every entry
 // aliased the buffer's backing array and showed the last file's content.
 func TestPRFilesDiffPerFileIsolation(t *testing.T) {
 	fileNames := []string{"alpha.go", "beta.go", "gamma.go", "delta.go"}
 	rawDiff := buildDiff(fileNames, 5)
 	filesJSON := buildFilesJSON(fileNames, 5)
 	srv := newPRFilesDiffServer(t, filesJSON, rawDiff)
 	defer srv.Close()
 	tool := tools.NewPRFilesDiff(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"o"}))
 	result, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"o","name":"r","number":1}`))
 	require.NoError(t, err)
 	var out struct {
 		Files []struct {
 			Path string `json:"path"`
 			Diff string `json:"diff"`
 		} `json:"files"`
 	}
 	require.NoError(t, json.Unmarshal(result, &out))
 	require.Len(t, out.Files, len(fileNames))
 	for _, f := range out.Files {
 		expected := fmt.Sprintf("diff --git a/%s b/%s", f.Path, f.Path)
 		assert.Contains(t, f.Diff, expected,
 			"file %s diff must contain its own header, got: %.80q", f.Path, f.Diff)
 		// No other file's header should leak in.
 		for _, other := range fileNames {
 			if other == f.Path {
 				continue
 			}
 			otherHeader := fmt.Sprintf("diff --git a/%s b/%s", other, other)
 			assert.NotContains(t, f.Diff, otherHeader,
 				"file %s diff must NOT contain %s's header", f.Path, other)
 		}
 	}
 }
 func TestPRFilesDiffPerFileTruncated(t *testing.T) {
 	// One file with a 30KB diff (each "+abcdefghij\n" = 12 bytes; 30KB / 12 ≈ 2560 lines).
 	fileNames := []string{"bigfile.go"}
--- a/internal/tools/repo_create.go
+++ b/internal/tools/repo_create.go
@@ -1,74 +0,0 @@
 package tools
 import (
 	"context"
 	"encoding/json"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/registry"
 )
 type RepoCreate struct {
 	c *gitea.Client
 	a *allowlist.Allowlist
 }
 func NewRepoCreate(c *gitea.Client, a *allowlist.Allowlist) *RepoCreate {
 	return &RepoCreate{c: c, a: a}
 }
 func (t *RepoCreate) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
 		Name:        "repo_create",
 		Description: "Create a repository for the authenticated user or an organisation.",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string","description":"Username or org name (used for allowlist check)."},
 				"name":{"type":"string","description":"Repository name."},
 				"description":{"type":"string"},
 				"private":{"type":"boolean","description":"Create as private. Default false."},
 				"auto_init":{"type":"boolean","description":"Initialise with README."},
 				"default_branch":{"type":"string","description":"Default branch name. Default 'main'."},
 				"is_org":{"type":"boolean","description":"When true, create under the organisation named in 'owner'."}
 			},
 			"required":["owner","name"]
 		}`),
 	}
 }
 type repoCreateArgs struct {
 	Owner         string `json:"owner"`
 	Name          string `json:"name"`
 	Description   string `json:"description"`
 	Private       bool   `json:"private"`
 	AutoInit      bool   `json:"auto_init"`
 	DefaultBranch string `json:"default_branch"`
 	IsOrg         bool   `json:"is_org"`
 }
 func (t *RepoCreate) Call(ctx context.Context, raw json.RawMessage) (json.RawMessage, error) {
 	var args repoCreateArgs
 	if err := parseArgs(raw, &args); err != nil {
 		return nil, err
 	}
 	if err := t.a.Check(args.Owner); err != nil {
 		return nil, err
 	}
 	createArgs := gitea.CreateRepoArgs{
 		Name:          args.Name,
 		Description:   args.Description,
 		Private:       args.Private,
 		AutoInit:      args.AutoInit,
 		DefaultBranch: args.DefaultBranch,
 	}
 	if args.IsOrg {
 		createArgs.Org = args.Owner
 	}
 	r, err := t.c.CreateRepo(ctx, createArgs)
 	if err != nil {
 		return nil, err
 	}
 	return textOK(r)
 }
--- a/internal/tools/repo_create_test.go
+++ b/internal/tools/repo_create_test.go
@@ -1,53 +0,0 @@
 package tools_test
 import (
 	"context"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/tools"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestRepoCreateTool_User(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPost, r.Method)
 		assert.Equal(t, "/api/v1/user/repos", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"name":"infra","full_name":"mathias/infra","default_branch":"main","private":true,"clone_url":"https://gitea.example.com/mathias/infra.git","html_url":"https://gitea.example.com/mathias/infra"}`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoCreate(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","private":true}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), `"full_name":"mathias/infra"`)
 	assert.Contains(t, string(out), `"clone_url"`)
 }
 func TestRepoCreateTool_Org(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, "/api/v1/orgs/hyperguild/repos", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"name":"infra","full_name":"hyperguild/infra","default_branch":"main","private":false,"clone_url":"https://gitea.example.com/hyperguild/infra.git","html_url":"https://gitea.example.com/hyperguild/infra"}`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoCreate(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"hyperguild"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"hyperguild","name":"infra","is_org":true}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), `"full_name":"hyperguild/infra"`)
 }
 func TestRepoCreateAllowlistRejects(t *testing.T) {
 	tool := tools.NewRepoCreate(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"x"}`))
 	require.Error(t, err)
 }
--- a/internal/tools/repo_mirror_push.go
+++ b/internal/tools/repo_mirror_push.go
@@ -1,117 +0,0 @@
 package tools
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/registry"
 )
 type RepoMirrorPush struct {
 	c *gitea.Client
 	a *allowlist.Allowlist
 }
 func NewRepoMirrorPush(c *gitea.Client, a *allowlist.Allowlist) *RepoMirrorPush {
 	return &RepoMirrorPush{c: c, a: a}
 }
 func (t *RepoMirrorPush) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
 		Name:        "repo_mirror_push",
 		Description: "Manage push mirrors for a repository: add, list, or delete.",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string"},
 				"name":{"type":"string"},
 				"action":{"type":"string","enum":["add","list","delete"]},
 				"remote_address":{"type":"string","description":"Mirror target URL (required for add)."},
 				"remote_username":{"type":"string"},
 				"remote_password":{"type":"string","description":"Never logged or returned."},
 				"interval":{"type":"string","description":"Sync interval, e.g. '8h0m0s'."},
 				"sync_on_commit":{"type":"boolean"},
 				"mirror_name":{"type":"string","description":"Remote name to delete (required for delete)."}
 			},
 			"required":["owner","name","action"]
 		}`),
 	}
 }
 type repoMirrorPushArgs struct {
 	Owner          string `json:"owner"`
 	Name           string `json:"name"`
 	Action         string `json:"action"`
 	RemoteAddress  string `json:"remote_address"`
 	RemoteUsername string `json:"remote_username"`
 	RemotePassword string `json:"remote_password"`
 	Interval       string `json:"interval"`
 	SyncOnCommit   bool   `json:"sync_on_commit"`
 	MirrorName     string `json:"mirror_name"`
 }
 // safeMirror omits remote_password so it is never returned to the caller.
 type safeMirror struct {
 	ID            int    `json:"id"`
 	RemoteName    string `json:"remote_name"`
 	RemoteAddress string `json:"remote_address"`
 	Interval      string `json:"interval"`
 	SyncOnCommit  bool   `json:"sync_on_commit"`
 }
 func toSafeMirror(m *gitea.PushMirror) safeMirror {
 	return safeMirror{
 		ID:            m.ID,
 		RemoteName:    m.RemoteName,
 		RemoteAddress: m.RemoteAddress,
 		Interval:      m.Interval,
 		SyncOnCommit:  m.SyncOnCommit,
 	}
 }
 func (t *RepoMirrorPush) Call(ctx context.Context, raw json.RawMessage) (json.RawMessage, error) {
 	var args repoMirrorPushArgs
 	if err := parseArgs(raw, &args); err != nil {
 		return nil, err
 	}
 	if err := t.a.Check(args.Owner); err != nil {
 		return nil, err
 	}
 	switch args.Action {
 	case "add":
 		m, err := t.c.AddPushMirror(ctx, args.Owner, args.Name, gitea.AddPushMirrorArgs{
 			RemoteAddress:  args.RemoteAddress,
 			RemoteUsername: args.RemoteUsername,
 			RemotePassword: args.RemotePassword,
 			Interval:       args.Interval,
 			SyncOnCommit:   args.SyncOnCommit,
 		})
 		if err != nil {
 			return nil, err
 		}
 		return textOK(toSafeMirror(m))
 	case "list":
 		mirrors, err := t.c.ListPushMirrors(ctx, args.Owner, args.Name)
 		if err != nil {
 			return nil, err
 		}
 		safe := make([]safeMirror, len(mirrors))
 		for i := range mirrors {
 			safe[i] = toSafeMirror(&mirrors[i])
 		}
 		return textOK(safe)
 	case "delete":
 		if args.MirrorName == "" {
 			return nil, fmt.Errorf("mirror_name is required for action=delete")
 		}
 		if err := t.c.DeletePushMirror(ctx, args.Owner, args.Name, args.MirrorName); err != nil {
 			return nil, err
 		}
 		return textOK(map[string]string{"status": "deleted", "mirror_name": args.MirrorName})
 	default:
 		return nil, fmt.Errorf("unknown action %q: must be add, list, or delete", args.Action)
 	}
 }
--- a/internal/tools/repo_mirror_push_test.go
+++ b/internal/tools/repo_mirror_push_test.go
@@ -1,80 +0,0 @@
 package tools_test
 import (
 	"context"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/tools"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestRepoMirrorPushTool_Add(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPost, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusCreated)
 		_, _ = w.Write([]byte(`{"id":1,"remote_name":"mirror-github","remote_address":"https://github.com/mathias/infra.git","interval":"8h0m0s","sync_on_commit":true}`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoMirrorPush(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{
 		"owner":"mathias","name":"infra","action":"add",
 		"remote_address":"https://github.com/mathias/infra.git",
 		"remote_username":"mathias","remote_password":"secret",
 		"interval":"8h0m0s","sync_on_commit":true
 	}`))
 	require.NoError(t, err)
 	// password must never appear in output
 	assert.NotContains(t, string(out), "secret")
 	assert.Contains(t, string(out), `"remote_name":"mirror-github"`)
 }
 func TestRepoMirrorPushTool_List(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodGet, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors", r.URL.Path)
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`[{"id":1,"remote_name":"mirror-github","remote_address":"https://github.com/mathias/infra.git","interval":"8h0m0s","sync_on_commit":true}]`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoMirrorPush(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","action":"list"}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), `"remote_name":"mirror-github"`)
 }
 func TestRepoMirrorPushTool_Delete(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodDelete, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/push_mirrors/mirror-github", r.URL.Path)
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoMirrorPush(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","action":"delete","mirror_name":"mirror-github"}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), "deleted")
 }
 func TestRepoMirrorPushTool_DeleteRequiresMirrorName(t *testing.T) {
 	tool := tools.NewRepoMirrorPush(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","action":"delete"}`))
 	require.Error(t, err)
 	assert.Contains(t, err.Error(), "mirror_name")
 }
 func TestRepoMirrorPushTool_AllowlistRejects(t *testing.T) {
 	tool := tools.NewRepoMirrorPush(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"x","action":"list"}`))
 	require.Error(t, err)
 }
--- a/internal/tools/repo_topics_update.go
+++ b/internal/tools/repo_topics_update.go
@@ -1,55 +0,0 @@
 package tools
 import (
 	"context"
 	"encoding/json"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/registry"
 )
 type RepoTopicsUpdate struct {
 	c *gitea.Client
 	a *allowlist.Allowlist
 }
 func NewRepoTopicsUpdate(c *gitea.Client, a *allowlist.Allowlist) *RepoTopicsUpdate {
 	return &RepoTopicsUpdate{c: c, a: a}
 }
 func (t *RepoTopicsUpdate) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
 		Name:        "repo_topics_update",
 		Description: "Replace the topic list for a repository.",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string"},
 				"name":{"type":"string"},
 				"topics":{"type":"array","items":{"type":"string"},"description":"Full replacement list. Send [] to clear all topics."}
 			},
 			"required":["owner","name","topics"]
 		}`),
 	}
 }
 type repoTopicsUpdateArgs struct {
 	Owner  string   `json:"owner"`
 	Name   string   `json:"name"`
 	Topics []string `json:"topics"`
 }
 func (t *RepoTopicsUpdate) Call(ctx context.Context, raw json.RawMessage) (json.RawMessage, error) {
 	var args repoTopicsUpdateArgs
 	if err := parseArgs(raw, &args); err != nil {
 		return nil, err
 	}
 	if err := t.a.Check(args.Owner); err != nil {
 		return nil, err
 	}
 	if err := t.c.UpdateTopics(ctx, args.Owner, args.Name, args.Topics); err != nil {
 		return nil, err
 	}
 	return textOK(map[string]any{"status": "updated", "topics": args.Topics})
 }
--- a/internal/tools/repo_topics_update_test.go
+++ b/internal/tools/repo_topics_update_test.go
@@ -1,35 +0,0 @@
 package tools_test
 import (
 	"context"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/tools"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestRepoTopicsUpdateTool(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, http.MethodPut, r.Method)
 		assert.Equal(t, "/api/v1/repos/mathias/infra/topics", r.URL.Path)
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoTopicsUpdate(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","topics":["go","mcp","gitops"]}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), "updated")
 }
 func TestRepoTopicsUpdateAllowlistRejects(t *testing.T) {
 	tool := tools.NewRepoTopicsUpdate(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"x","topics":[]}`))
 	require.Error(t, err)
 }
--- a/internal/tools/repo_tree.go
+++ b/internal/tools/repo_tree.go
@@ -1,56 +0,0 @@
 package tools
 import (
 	"context"
 	"encoding/json"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/registry"
 )
 type RepoTree struct {
 	c *gitea.Client
 	a *allowlist.Allowlist
 }
 func NewRepoTree(c *gitea.Client, a *allowlist.Allowlist) *RepoTree {
 	return &RepoTree{c: c, a: a}
 }
 func (t *RepoTree) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
 		Name:        "repo_tree",
 		Description: "Get the full recursive file tree for a repo ref (branch, tag, or SHA).",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string"},
 				"name":{"type":"string"},
 				"ref":{"type":"string","description":"Branch, tag, or commit SHA."}
 			},
 			"required":["owner","name","ref"]
 		}`),
 	}
 }
 type repoTreeArgs struct {
 	Owner string `json:"owner"`
 	Name  string `json:"name"`
 	Ref   string `json:"ref"`
 }
 func (t *RepoTree) Call(ctx context.Context, raw json.RawMessage) (json.RawMessage, error) {
 	var args repoTreeArgs
 	if err := parseArgs(raw, &args); err != nil {
 		return nil, err
 	}
 	if err := t.a.Check(args.Owner); err != nil {
 		return nil, err
 	}
 	tree, err := t.c.GetTree(ctx, args.Owner, args.Name, args.Ref, true)
 	if err != nil {
 		return nil, err
 	}
 	return textOK(tree)
 }
--- a/internal/tools/repo_tree_test.go
+++ b/internal/tools/repo_tree_test.go
@@ -1,50 +0,0 @@
 package tools_test
 import (
 	"context"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/allowlist"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/gitea"
 	"gitea.d-ma.be/mathias/gitea-mcp/internal/tools"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestRepoTreeTool(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, "/api/v1/repos/mathias/infra/git/trees/main", r.URL.Path)
 		assert.Equal(t, "1", r.URL.Query().Get("recursive"))
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`{"sha":"abc","url":"http://x","tree":[{"path":"README.md","type":"blob","sha":"def","size":13},{"path":"internal","type":"tree","sha":"ghi","size":0}],"truncated":false}`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoTree(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","ref":"main"}`))
 	require.NoError(t, err)
 	assert.Contains(t, string(out), `"sha":"abc"`)
 	assert.Contains(t, string(out), `"path":"README.md"`)
 }
 func TestRepoTreeTool_DefaultsToRecursive(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, "1", r.URL.Query().Get("recursive"))
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`{"sha":"abc","tree":[],"truncated":false}`))
 	}))
 	defer srv.Close()
 	tool := tools.NewRepoTree(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","ref":"main"}`))
 	require.NoError(t, err)
 }
 func TestRepoTreeAllowlistRejects(t *testing.T) {
 	tool := tools.NewRepoTree(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
 	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"x","ref":"main"}`))
 	require.Error(t, err)
 }
--- a/internal/tools/repo_update.go
+++ b/internal/tools/repo_update.go
@@ -21,17 +21,21 @@ func NewRepoUpdate(c *gitea.Client, a *allowlist.Allowlist) *RepoUpdate {
 func (t *RepoUpdate) Descriptor() registry.ToolDescriptor {
 	return registry.ToolDescriptor{
-		Name:        "repo_update",
+		Name: "repo_update",
-		Description: "Update repository metadata (description, visibility, default branch, website).",
+		Description: "Update repository metadata (description, visibility, default branch, website, archived, template). " +
 			"Only fields explicitly set in the call are patched. " +
 			"WARNING: private=false exposes the repo publicly — verify intent before calling.",
 		InputSchema: json.RawMessage(`{
 			"type":"object",
 			"properties":{
 				"owner":{"type":"string"},
 				"name":{"type":"string"},
 				"description":{"type":"string"},
-				"private":{"type":"boolean"},
+				"private":{"type":"boolean","description":"Toggle visibility. false makes the repo public."},
-				"website":{"type":"string"},
+				"website":{"type":"string","description":"Homepage URL"},
-				"default_branch":{"type":"string"},
+				"default_branch":{"type":"string","description":"Rename the default branch"},
 				"archived":{"type":"boolean","description":"Mark repo as archived (read-only)."},
 				"template":{"type":"boolean","description":"Toggle template-repo flag"},
 				"confirm":{"type":"string","description":"Required when setting private=false. Must equal the repo name."}
 			},
 			"required":["owner","name"]
@@ -42,10 +46,12 @@ func (t *RepoUpdate) Descriptor() registry.ToolDescriptor {
 type repoUpdateArgs struct {
 	Owner         string  `json:"owner"`
 	Name          string  `json:"name"`
-	Description   *string `json:"description"`
+	Description   *string `json:"description,omitempty"`
-	Private       *bool   `json:"private"`
+	Private       *bool   `json:"private,omitempty"`
-	Website       *string `json:"website"`
+	Website       *string `json:"website,omitempty"`
-	DefaultBranch *string `json:"default_branch"`
+	DefaultBranch *string `json:"default_branch,omitempty"`
 	Archived      *bool   `json:"archived,omitempty"`
 	Template      *bool   `json:"template,omitempty"`
 	Confirm       string  `json:"confirm"`
 }
@@ -57,17 +63,26 @@ func (t *RepoUpdate) Call(ctx context.Context, raw json.RawMessage) (json.RawMes
 	if err := t.a.Check(args.Owner); err != nil {
 		return nil, err
 	}
 	// Making a repo public is a significant action — require explicit confirmation.
 	if args.Private != nil && !*args.Private {
 		if args.Confirm != args.Name {
 			return nil, fmt.Errorf("setting private=false makes the repo public: set confirm=%q to proceed", args.Name)
 		}
 	}
 	if args.Description == nil && args.Private == nil && args.Website == nil &&
 		args.DefaultBranch == nil && args.Archived == nil && args.Template == nil {
 		return nil, fmt.Errorf("at least one updatable field must be set: %w", gitea.ErrValidation)
 	}
 	r, err := t.c.UpdateRepo(ctx, args.Owner, args.Name, gitea.UpdateRepoArgs{
 		Description:   args.Description,
 		Private:       args.Private,
 		Website:       args.Website,
 		DefaultBranch: args.DefaultBranch,
 		Archived:      args.Archived,
 		Template:      args.Template,
 	})
 	if err != nil {
 		return nil, err
--- a/internal/tools/repo_update_test.go
+++ b/internal/tools/repo_update_test.go
@@ -3,6 +3,7 @@ package tools_test
 import (
 	"context"
 	"encoding/json"
 	"io"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -14,43 +15,125 @@ import (
 	"github.com/stretchr/testify/require"
 )
-func TestRepoUpdateTool(t *testing.T) {
+func newRepoUpdateTool(srvURL string) *tools.RepoUpdate {
 	return tools.NewRepoUpdate(gitea.NewClient(srvURL, "tok"), allowlist.New([]string{"mathias"}))
 }
 // TestRepoUpdateArchive: happy path — set archived=true.
 func TestRepoUpdateArchive(t *testing.T) {
 	var patchedBody []byte
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		assert.Equal(t, http.MethodPatch, r.Method)
+		require.Equal(t, http.MethodPatch, r.Method)
-		assert.Equal(t, "/api/v1/repos/mathias/infra", r.URL.Path)
+		require.Equal(t, "/api/v1/repos/mathias/old-svc", r.URL.Path)
 		patchedBody, _ = io.ReadAll(r.Body)
 		w.Header().Set("Content-Type", "application/json")
-		_, _ = w.Write([]byte(`{"name":"infra","full_name":"mathias/infra","default_branch":"main","description":"updated","private":true,"clone_url":"https://gitea.example.com/mathias/infra.git","html_url":"https://gitea.example.com/mathias/infra"}`))
+		_, _ = w.Write([]byte(`{"name":"old-svc","full_name":"mathias/old-svc","default_branch":"main","template":false,"private":false}`))
 	}))
 	defer srv.Close()
-	tool := tools.NewRepoUpdate(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
+	tool := newRepoUpdateTool(srv.URL)
-	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","description":"updated"}`))
+	result, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"old-svc","archived":true}`,
 	))
 	require.NoError(t, err)
-	assert.Contains(t, string(out), `"description":"updated"`)
+
 	// Wire payload only contains the field that was actually set.
 	var sent map[string]any
 	require.NoError(t, json.Unmarshal(patchedBody, &sent))
 	assert.Equal(t, true, sent["archived"])
 	assert.NotContains(t, sent, "description")
 	assert.NotContains(t, sent, "private")
 	assert.NotContains(t, sent, "website")
 	assert.NotContains(t, sent, "template")
 	var repo gitea.Repo
 	require.NoError(t, json.Unmarshal(result, &repo))
 	assert.Equal(t, "mathias/old-svc", repo.FullName)
 }
-func TestRepoUpdateTool_MakePublicRequiresConfirm(t *testing.T) {
+// TestRepoUpdateMultipleFields: set description + template flag in one call.
-	tool := tools.NewRepoUpdate(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
+func TestRepoUpdateMultipleFields(t *testing.T) {
-	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","private":false}`))
+	var patchedBody []byte
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		patchedBody, _ = io.ReadAll(r.Body)
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte(`{"name":"template-go-agent","full_name":"mathias/template-go-agent","description":"Go agent template","template":true}`))
 	}))
 	defer srv.Close()
 	tool := newRepoUpdateTool(srv.URL)
 	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"template-go-agent","description":"Go agent template","template":true}`,
 	))
 	require.NoError(t, err)
 	var sent map[string]any
 	require.NoError(t, json.Unmarshal(patchedBody, &sent))
 	assert.Equal(t, "Go agent template", sent["description"])
 	assert.Equal(t, true, sent["template"])
 	assert.NotContains(t, sent, "archived")
 	assert.NotContains(t, sent, "private")
 }
 // TestRepoUpdateNoFieldsRejected: zero updatable fields → validation error before network.
 func TestRepoUpdateNoFieldsRejected(t *testing.T) {
 	tool := tools.NewRepoUpdate(
 		gitea.NewClient("http://unused", ""),
 		allowlist.New([]string{"mathias"}),
 	)
 	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"some-repo"}`,
 	))
 	require.Error(t, err)
-	assert.Contains(t, err.Error(), "confirm")
+	assert.ErrorIs(t, err, gitea.ErrValidation)
 }
-func TestRepoUpdateTool_MakePublicWithConfirm(t *testing.T) {
+// TestRepoUpdateMakePublic: explicit private=false is allowed; wire payload carries the false.
 // (The destructive nature is warned about in the tool description, not blocked by the tool.)
 func TestRepoUpdateMakePublic(t *testing.T) {
 	var patchedBody []byte
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		patchedBody, _ = io.ReadAll(r.Body)
 		w.Header().Set("Content-Type", "application/json")
-		_, _ = w.Write([]byte(`{"name":"infra","full_name":"mathias/infra","default_branch":"main","private":false,"clone_url":"","html_url":""}`))
+		_, _ = w.Write([]byte(`{"name":"open-repo","full_name":"mathias/open-repo","private":false}`))
 	}))
 	defer srv.Close()
-	tool := tools.NewRepoUpdate(gitea.NewClient(srv.URL, "tok"), allowlist.New([]string{"mathias"}))
+	tool := newRepoUpdateTool(srv.URL)
-	out, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"mathias","name":"infra","private":false,"confirm":"infra"}`))
+	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"open-repo","private":false}`,
 	))
 	require.NoError(t, err)
-	assert.Contains(t, string(out), `"full_name":"mathias/infra"`)
+
 	var sent map[string]any
 	require.NoError(t, json.Unmarshal(patchedBody, &sent))
 	assert.Equal(t, false, sent["private"])
 }
 // TestRepoUpdateAllowlistRejects: owner outside allowlist denied without network call.
 func TestRepoUpdateAllowlistRejects(t *testing.T) {
-	tool := tools.NewRepoUpdate(gitea.NewClient("http://unused", ""), allowlist.New([]string{"mathias"}))
+	tool := tools.NewRepoUpdate(
-	_, err := tool.Call(context.Background(), json.RawMessage(`{"owner":"evil","name":"x"}`))
+		gitea.NewClient("http://unused", ""),
 		allowlist.New([]string{"mathias"}),
 	)
 	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"evil","name":"some-repo","archived":true}`,
 	))
 	require.Error(t, err)
 }
 // TestRepoUpdateUpstreamError: server 500 propagates as ErrUpstream.
 func TestRepoUpdateUpstreamError(t *testing.T) {
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
 		w.WriteHeader(http.StatusInternalServerError)
 		_, _ = w.Write([]byte(`{"message":"internal"}`))
 	}))
 	defer srv.Close()
 	tool := newRepoUpdateTool(srv.URL)
 	_, err := tool.Call(context.Background(), json.RawMessage(
 		`{"owner":"mathias","name":"some-repo","archived":true}`,
 	))
 	require.Error(t, err)
 	assert.ErrorIs(t, err, gitea.ErrUpstream)
 }
Author	SHA1	Message	Date
mathias	4122e1f2ae	fix: merge repo_update — add archived+template, keep default_branch+confirm from main Some checks failed CD / Lint / Test / Vet (pull_request) Failing after 4s Details CD / Build & Import (pull_request) Has been skipped Details CD / Deploy via GitOps (pull_request) Has been skipped Details	2026-05-16 21:17:40 +00:00
Mathias	d74b196db1	feat(repo_update): tool for archiving + metadata patches All checks were successful CD / Lint / Test / Vet (pull_request) Successful in 7s Details CD / Build & Import (pull_request) Has been skipped Details CD / Deploy via GitOps (pull_request) Has been skipped Details Adds a repo_update tool exposing PATCH /api/v1/repos/{owner}/{name} with optional pointer fields (archived, description, private, website, template). Only fields set by the caller are sent on the wire, so the server patches exactly what was asked for. Originally needed to archive ingestion-svc cleanly instead of leaving a README tombstone, and to flip template-go-{agent,web} to template=true so create_project_from_template stops failing the "is not marked as template" guard. Wire-level enforcement of "at least one field" returns ErrValidation before any network call, preventing no-op PATCHes. private=false (making a repo public) is allowed but flagged in the tool description with a "verify intent before calling" warning. The earlier issue draft suggested an ntfy confirmation hook for that path — out of scope for this PR; the warning string is the minimum that fits inside the tool surface today. Wires NewRepoUpdate into cmd/gitea-mcp/main.go alongside the rest of the repo_* family. Closes #12	2026-05-16 23:01:33 +02:00
Mathias	103194a11a	fix(create_project_from_template): accept per-call template_name override The template name was hardcoded into the binary at startup via NewCreateProjectFromTemplate("mathias", "template-go-web"), so generating from a different template (e.g. template-go-agent) required a code change and restart. The constructor already parameterised it correctly — the gap was at the tool's input schema, which never exposed template_name to the caller. Adds an optional template_name input field. When set, it overrides the server-configured default for that call only; when omitted, behavior is unchanged. Template owner stays server-configured — only the repo name is per-call. Server-side validation already verifies the resolved template exists and is marked as a template repo, so no enum constraint is added — keeps the door open for future templates (go-ml, go-service, ...) without redeploys. Adds TestCreateProjectTemplateNameOverride verifying the override directs both the template lookup and the /generate POST. Closes #24	2026-05-16 23:01:28 +02:00
Mathias	4c87856aec	fix(pr_files_diff): copy per-file diff bytes to break buffer aliasing splitUnifiedDiff used bytes.Buffer to accumulate each file's diff, then stored buf.Bytes() into the result map and called buf.Reset() to start the next file. bytes.Buffer.Bytes() returns the buffer's internal backing slice; Reset() resets length to 0 but reuses the same backing array. As a result, every map entry aliased the same storage, so all files ended up showing the LAST file's diff content. Fix: copy the bytes into a fresh slice before storing in the map. Adds TestPRFilesDiffPerFileIsolation as a regression test that asserts each file entry contains its OWN diff --git header and none of the other files' headers. Verified failing on the prior code, passing after the fix. Closes #25	2026-05-16 23:01:18 +02:00
Mathias	b4176c1dec	chore: re-sync context adapters with upstream root Derived adapters drifted from canonical root .context/AGENT.md after the pgvector default change landed upstream. Pure regeneration via scripts/context-sync.sh, no manual edits. Required to make task check pass before the feature commits on this branch. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 23:00:23 +02:00