Files
xianyu-hunter-hermes-skill/skill/xianyu-hunter-monitor/references/gitea-public-publish-verification-2026-05.md
T

2.6 KiB

Public Gitea Publish Verification Notes (2026-05)

Context

BOSS changed the publishing requirement from private to public for the portable xianyu-hunter-hermes-skill package. The repository was created on self-hosted Gitea and pushed as a public repo.

Verified public repository shape:

https://gitea.chickliu.fun/Hermes/xianyu-hunter-hermes-skill

Package/repo contents:

README.md
install.sh
skill/xianyu-hunter-monitor/
project/xianyu-hunter/
releases/xianyu-hunter-hermes-skill.zip
releases/xianyu-hunter-hermes-skill.tar.gz
releases/SHA256SUMS.txt
.gitignore
  1. Create or check the Gitea repo via API, explicitly setting private:false.
  2. Build a clean staging worktree from the already-vetted portable package, not directly from the runtime project clone.
  3. Add .gitignore that excludes runtime/sensitive state even if future work occurs in the published repo:
node_modules/
browser-data/
data/tasks.json
data/config.json
data/notify-config.json
reports/
*.log
.runtime/
.DS_Store
  1. Commit and push to main.
  2. If using an HTTPS token in the remote URL for push, immediately scrub the token after push:
git remote set-url origin 'https://gitea.example.com/OWNER/REPO.git'
git remote -v

Verification commands

Use both API and unauthenticated/raw access checks where possible:

GITEA_URL='https://gitea.example.com'
OWNER='Hermes'
REPO='xianyu-hunter-hermes-skill'
TOKEN='...'

curl -sS -H "Authorization: token $TOKEN" \
  -o /tmp/gitea_repo_verify.json \
  -w 'HTTP %{http_code} size=%{size_download}\n' \
  "$GITEA_URL/api/v1/repos/$OWNER/$REPO"

python3 - <<'PY'
import json
d=json.load(open('/tmp/gitea_repo_verify.json'))
print('full_name:', d.get('full_name'))
print('html_url:', d.get('html_url'))
print('clone_url:', d.get('clone_url'))
print('private:', d.get('private'))
print('default_branch:', d.get('default_branch'))
print('empty:', d.get('empty'))
PY

curl -sS -L -o /tmp/gitea_readme.md \
  -w 'HTTP %{http_code} size=%{size_download}\n' \
  "$GITEA_URL/$OWNER/$REPO/raw/branch/main/README.md"
head -5 /tmp/gitea_readme.md

git ls-remote "$GITEA_URL/$OWNER/$REPO.git" HEAD refs/heads/main

Expected checks:

  • API returns HTTP 200.
  • private: False for public repos.
  • default_branch: main.
  • empty: False.
  • Raw README returns HTTP 200.
  • git ls-remote prints HEAD and refs/heads/main hashes.

Reporting to BOSS

Keep the final response concise and include:

  • Repository URL.
  • Public/private status confirmation.
  • Main verification results.
  • Note that the local remote URL no longer contains the token if a token was used.