32
40
Fork
You've already forked website
52

Forgejo monthly report - May 2026 #927

Merged
Beowulf merged 1 commit from mfenniak/forgejo-website:monthly-2026-05 into main 2026年06月08日 20:32:58 +02:00

Preview: https://forgejo.preview.codeberg.page/website@927/news & https://forgejo.preview.codeberg.page/website@927/2026-05-monthly-report/

  • draft the toot & the room announcement
  • verify there is no TBD left
  • verify all reviews were resolved
  • publish
  • toot (pin & unpin the previous one):
  • room announcement

Room announcement

@room the [monthly report was published](https://forgejo.org/2026-05-monthly-report/) ✨
Forgejo v15 was released, along with security releases. The Forgejo Runner had multiple releases and the Forgejo Helm chart v17 was released. The Forgejo Security Team responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing.

Toot https://floss.social/@forgejo/116715934718603866

The #Forgejo monthly report was published ✨

Forgejo v15 was released, along with security releases. The Forgejo Runner had multiple releases and the Forgejo Helm chart v17 was released. The Forgejo Security Team responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing.
https://forgejo.org/2026-05-monthly-report

Closes #839

Preview: https://forgejo.preview.codeberg.page/website@927/news & https://forgejo.preview.codeberg.page/website@927/2026-05-monthly-report/ - [x] draft the toot & the room announcement - [x] verify there is no TBD left - [x] verify all reviews were resolved - [x] publish - [x] toot (pin & unpin the previous one): - [x] room announcement --- Room announcement ``` @room the [monthly report was published](https://forgejo.org/2026-05-monthly-report/) ✨ Forgejo v15 was released, along with security releases. The Forgejo Runner had multiple releases and the Forgejo Helm chart v17 was released. The Forgejo Security Team responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing. ``` Toot https://floss.social/@forgejo/116715934718603866 ``` The #Forgejo monthly report was published ✨  Forgejo v15 was released, along with security releases. The Forgejo Runner had multiple releases and the Forgejo Helm chart v17 was released. The Forgejo Security Team responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing. https://forgejo.org/2026-05-monthly-report ``` Closes #839
@ -0,0 +135,4 @@
The following list of contributors is intended to reflect this diversity and to acknowledge all the contributions made over the past month.
If you are missing, please [ask for an update](https://codeberg.org/forgejo/website/issues/new).
- FIXME: generate this
Author
Member
Copy link

@Beowulf How does this contributor list typically get created?

@Beowulf How does this contributor list typically get created?
Owner
Copy link

Thanks for compiling. Will try to take a look tomorrow.

I can generate the list tomorrow (in ~12 hours) and @0ko needs to hand me the localization contributors from the two months. (I have a script for it. I wanted to create a clean version and then I could add it to the repo).

Thanks for compiling. Will try to take a look tomorrow. I can generate the list tomorrow (in ~12 hours) and @0ko needs to hand me the localization contributors from the two months. (I have a script for it. I wanted to create a clean version and then I could add it to the repo).
Beowulf marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from 753d24e5f5
Some checks failed
pr / preview (pull_request) Failing after 28s
to f848a6aad4
Some checks failed
pr / preview (pull_request) Failing after 29s
2026年06月06日 16:45:08 +02:00
Compare
mfenniak force-pushed monthly-2026-05 from f848a6aad4
Some checks failed
pr / preview (pull_request) Failing after 29s
to 2b5238500e
Some checks failed
pr / preview (pull_request) Failing after 30s
2026年06月06日 16:48:34 +02:00
Compare
aahlenst left a comment
Copy link

Thanks a lot!

Thanks a lot!
@ -0,0 +38,4 @@
They do not reveal the details of the vulnerability but will allow admins to plan ahead and better secure their instance.
Anyone can watch the [dedicated tracker](https://codeberg.org/forgejo/security-announcements/) or [subscribe to the RSS feed](https://codeberg.org/forgejo/security-announcements.rss).
### Forgejo runner
Member
Copy link

Runner instead of runner? There is at least one additional instance in the first sentence.

**R**unner instead of runner? There is at least one additional instance in the first sentence.
Author
Member
Copy link
Fixed. https://codeberg.org/forgejo/website/compare/cc63610397946c345998f27e25df9222dc4808c5..ee7a5e27f82b1169ea7145528d927b53c251d2ce
aahlenst marked this conversation as resolved
@ -0,0 +87,4 @@
### Private Package Registeries
A public security disclosure was made on May 27 2026 that indicated Gitea and other derived software was affected by a security vulnerability tracked as CVE-2026-27771, which alleges to expose private packages to unauthenticated users. Forgejo's security team disagrees with the characterization and reporting in this case.
Member
Copy link

Would it make sense to link to CVE-2026-27771?

Would it make sense to link to CVE-2026-27771?
Author
Member
Copy link

In my opinion, no. First, because it's just a bad CVE. But second because the actual contents haven't been filed with a CNA -- officially it is just a reversed number, so there's nothing official to link to. The only relevant link we could provide is to third-party reporting that includes this number, but these are articles that are full of bad journalism considering it a catastrophe when it isn't, so, I don't want to link to them.

But, I am annoyed by the issue, and so my opinion should be taken with a grain of salt. If you have a specific link that you think would be a good one to include, I would do so. 🤣

In my opinion, no. First, because it's just a bad CVE. But second because the actual contents haven't been filed with a CNA -- officially it is just a reversed number, so there's nothing official to link to. The only relevant link we could provide is to third-party reporting that includes this number, but these are articles that are full of bad journalism considering it a catastrophe when it isn't, so, I don't want to link to them. But, I am annoyed by the issue, and so my opinion should be taken with a grain of salt. If you have a specific link that you think would be a good one to include, I would do so. 🤣
Member
Copy link

That explains why I couldn't find any good link. Not having a link then is absolutely okay.

That explains why I couldn't find any good link. Not having a link then is absolutely okay.
Beowulf marked this conversation as resolved
@ -0,0 +91,4 @@
When packages are uploaded to Forgejo, they are uploaded to a user or organization that owns the packages. Their visibility to other users is directly tied to the visibility of their owner -- a public owner infers a public package, and a private owner infers a private package. When a package is private because of the privacy of the owner, we know of no vulnerabilities that allow access to the package contents.
This tying together of owner visibility and package visibility isn't as flexible as some Forgejo users would like it to be. And, it can be surprising to users as they can get the impression that package visibility should follow repository visibility when packages are linked to repositories. However, these are desired functional enhancements, not security vulnerabilities. It has never been documented or represented that package visibility relates to repository visibility, and the fact that packages are uploaded to Forgejo without being related to a repository is already a strong indicator to users that there is no such security control.
Member
Copy link

Would it make sense to link to forgejo/forgejo#3577?

Would it make sense to link to https://codeberg.org/forgejo/forgejo/issues/3577?
Author
Member
Copy link

Sure, but I'd like to put it at the end of this section so that it doesn't distract from the point of this paragraph. Added in cc63610397..ee7a5e27f8

Sure, but I'd like to put it at the end of this section so that it doesn't distract from the point of this paragraph. Added in https://codeberg.org/forgejo/website/compare/cc63610397946c345998f27e25df9222dc4808c5..ee7a5e27f82b1169ea7145528d927b53c251d2ce
aahlenst marked this conversation as resolved
@ -0,0 +105,4 @@
A HTTP API for Forgejo Actions artifacts has been merged: https://codeberg.org/forgejo/forgejo/pulls/12140. If everything goes according to plan, it will be included in Forgejo v16.
We're looking for feedback. Changing an API once it has been released is very hard. Either build Forgejo yourself or try it on https://v16.next.forgejo.org/ starting next week. Please open a new issue if you encounter problems or have feature requests.
Member
Copy link

"starting next week" can be dropped. "Next week" is a couple of weeks ago.

"starting next week" can be dropped. "Next week" is a couple of weeks ago.
Author
Member
Copy link
Done. https://codeberg.org/forgejo/website/compare/cc63610397946c345998f27e25df9222dc4808c5..ee7a5e27f82b1169ea7145528d927b53c251d2ce
aahlenst marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from 2b5238500e
Some checks failed
pr / preview (pull_request) Failing after 30s
to 3be7c670c3
Some checks failed
pr / preview (pull_request) Failing after 38s
2026年06月06日 16:53:58 +02:00
Compare
mfenniak force-pushed monthly-2026-05 from 3be7c670c3
Some checks failed
pr / preview (pull_request) Failing after 38s
to cc63610397
Some checks failed
pr / preview (pull_request) Failing after 52s
2026年06月06日 16:56:05 +02:00
Compare
mfenniak force-pushed monthly-2026-05 from cc63610397
Some checks failed
pr / preview (pull_request) Failing after 52s
to ee7a5e27f8
All checks were successful
pr / preview (pull_request) Successful in 1m30s
2026年06月06日 17:00:22 +02:00
Compare
mfenniak force-pushed monthly-2026-05 from ee7a5e27f8
All checks were successful
pr / preview (pull_request) Successful in 1m30s
to d482106c53
All checks were successful
pr / preview (pull_request) Successful in 1m18s
2026年06月06日 17:06:21 +02:00
Compare
<!--PR-PREVIEW-MARKER-->Preview ready: https://forgejo.preview.codeberg.page/website@927/
@ -0,0 +105,4 @@
### Forgejo Actions Artifact API
A HTTP API for Forgejo Actions artifacts has been merged: https://codeberg.org/forgejo/forgejo/pulls/12140. If everything goes according to plan, it will be included in Forgejo v16.
Member
Copy link

An addition before "If everything goes according to plan":

[Endpoints for accessing logs of workflow runs and individual jobs](https://codeberg.org/forgejo/forgejo/pulls/12666) were added, too.

Would require a new section title, for example: "New Forgejo Actions APIs"

An addition before "If everything goes according to plan": ``` [Endpoints for accessing logs of workflow runs and individual jobs](https://codeberg.org/forgejo/forgejo/pulls/12666) were added, too. ``` Would require a new section title, for example: "New Forgejo Actions APIs"
Author
Member
Copy link

Added. 👍

Added. 👍
mfenniak marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from d482106c53
All checks were successful
pr / preview (pull_request) Successful in 1m18s
to 670f0d06d1
All checks were successful
pr / preview (pull_request) Successful in 1m4s
2026年06月06日 17:13:44 +02:00
Compare
@ -0,0 +16,4 @@
[Forgejo v15.0.0](./2026-04-release-v15-0) was released on April 16.
As a long-term-support release, it will be supported with bug and security fixes until 15 July 2027.
Two security releases have been completed since v15's initial release: [v15.0.1](https://codeberg.org/forgejo/forgejo/src/commit/b1b47e64d7c6e32659c19236ae3ddfa3dabf98e5/release-notes-published/15.0.1.md) and [v15.0.2](https://codeberg.org/forgejo/forgejo/src/commit/b1b47e64d7c6e32659c19236ae3ddfa3dabf98e5/release-notes-published/15.0.2.md).
Member
Copy link

Maybe add?

(and v15.0.3 will be released in on June 10th 2026)

with link to forgejo/security-announcements#54

Maybe add? (and v15.0.3 will be released in on June 10th 2026) with link to https://codeberg.org/forgejo/security-announcements/issues/54
Author
Member
Copy link

Sure. 👍 Added here: 670f0d06d1..faab550ba3

Sure. 👍 Added here: https://codeberg.org/forgejo/website/compare/670f0d06d150d11e102b0afa7592e8cd3a94053f..faab550ba3a428e4e17992492d6a53b51dfc6d6f
mfenniak marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from 670f0d06d1
All checks were successful
pr / preview (pull_request) Successful in 1m4s
to faab550ba3
All checks were successful
pr / preview (pull_request) Successful in 1m9s
2026年06月06日 19:20:57 +02:00
Compare
@ -0,0 +126,4 @@
## Forgejo Usage in the Wild
- The Dutch overnment has soft-launched [code.overheid.nl](https://code.overheid.nl/), a new Forgejo-based platform for Dutch government software development. More information [in Dutch](https://developer.overheid.nl/blog/2026/04/24/we-gaan-samen-code-overheid-bouwen).
- Jeroen Baten put on a talk, [Getting started with CI/CD using Forgejo Actions and why this is important AF](https://www.youtube.com/watch?v=-DF7ewE8_HY), at the NLUUG.nl conference.
Member
Copy link

The 101 ways of spelling Forgejo wrongly ... ☺️

You may add it here, too, if you want:

Line 10 in 8302acb
Frogejo = "Forgejo"
The 101 ways of spelling Forgejo wrongly ... ☺️ You may add it here, too, if you want: https://codeberg.org/forgejo/website/src/commit/8302acb14c8a4f736767b68b71a17639f323f96c/.typos.toml#L10
Author
Member
Copy link

Fixed.

Fixed.
mfenniak marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from faab550ba3
All checks were successful
pr / preview (pull_request) Successful in 1m9s
to 575a534818
All checks were successful
pr / preview (pull_request) Successful in 1m12s
2026年06月06日 19:30:51 +02:00
Compare

Thanks for the write-up! I think that it would be really great to include a (small) section about federation in this report.

forgejo/forgejo#4767 was merged after forgejo/forgejo#10380 concluding a series of pull requests concerning user activity following across Forgejo, Mastodon and GoToSocial instances. Include the obligatory warning from https://forgejo.org/faq/#what-about-forge-federation (you may use the newly introduced admonitions for that, see #896).

@famfo @Gusted

Thanks for the write-up! I think that it would be really great to include a (small) section about federation in this report. https://codeberg.org/forgejo/forgejo/pulls/4767 was merged after https://codeberg.org/forgejo/forgejo/pulls/10380 concluding a series of pull requests concerning user activity following across Forgejo, Mastodon and GoToSocial instances. Include the obligatory warning from https://forgejo.org/faq/#what-about-forge-federation (you may use the newly introduced admonitions for that, see https://codeberg.org/forgejo/website/pulls/896). @famfo @Gusted
mfenniak force-pushed monthly-2026-05 from 575a534818
All checks were successful
pr / preview (pull_request) Successful in 1m12s
to 384f0e1926
Some checks failed
pr / preview (pull_request) Failing after 33s
2026年06月06日 22:46:54 +02:00
Compare
Author
Member
Copy link

A new contributor listing tool is now included in this PR, list_contributors.py.

A new contributor listing tool is now included in this PR, `list_contributors.py`.
mfenniak force-pushed monthly-2026-05 from 384f0e1926
Some checks failed
pr / preview (pull_request) Failing after 33s
to 364fcd9e20
Some checks failed
pr / preview (pull_request) Failing after 30s
2026年06月06日 22:51:13 +02:00
Compare
mfenniak force-pushed monthly-2026-05 from 364fcd9e20
Some checks failed
pr / preview (pull_request) Failing after 30s
to 8e458bce58
Some checks failed
pr / preview (pull_request) Failing after 28s
2026年06月06日 23:10:11 +02:00
Compare
Author
Member
Copy link

@mahlzahn wrote in #927 (comment):

I think that it would be really great to include a (small) section about federation in this report.

OK, added. 384f0e1926..364fcd9e20

@mahlzahn wrote in https://codeberg.org/forgejo/website/pulls/927#issuecomment-16692491: > I think that it would be really great to include a (small) section about federation in this report. OK, added. https://codeberg.org/forgejo/website/compare/384f0e19260430957b608c51e6e17e9a10fb4489..364fcd9e20d128be1308498caef3ae0e3bd34897
mfenniak force-pushed monthly-2026-05 from 8e458bce58
Some checks failed
pr / preview (pull_request) Failing after 28s
to 249a0f4ded
All checks were successful
pr / preview (pull_request) Successful in 1m10s
2026年06月06日 23:11:41 +02:00
Compare
@ -0,0 +51,4 @@
current += dt.timedelta(days=1)
def fetch_feed(repo_data, date, page, limit):
base = f"https://{repo_data.host}/api/v1/repos/{repo_data.owner}/{repo_data.repo}/activities/feeds"
Owner
Copy link

Ah, you already added a script to generate the usernames.

My script used the codeberg.org/api/v1/repos/.../.../issues/comments and codeberg.org/api/v1/repos/.../.../issues routes.

And I filtered "Ghost", everything which starts with forgejo-, end-to-end (and banned users).

I fetched the API for the following repos:

  • On Codeberg:
    • forgejo/code-of-conduct
    • forgejo/design
    • forgejo/discussions
    • forgejo/docs
    • forgejo/forgejo
    • forgejo/governance
    • forgejo/sustainability
    • forgejo/user-research
    • forgejo/website
  • On code.forgejo.org:
    • forgejo/runner
    • forgejo/end-to-end
    • forgejo/act
    • forgejo/lxc-helpers
    • forgejo/forgejo-curl
    • forgejo/ovh-dns-update
    • forgejo/forgejo-build-publish
    • forgejo/renovate-config
    • forgejo/levelqueue
    • forgejo/forgejo-test-openldap
    • forgejo/go-rpmutils
    • forgejo/oci-mirror
    • forgejo/actions-proto
    • forgejo/action-website-preview
    • forgejo/next-instance
    • forgejo/release-tasks
    • forgejo/ci-image-builder
    • forgejo-helm/forgejo-helm
    • actions/cascading-pr
    • actions/setup-forgejo
    • actions/forgejo-release
Ah, you already added a script to generate the usernames. My script used the `codeberg.org/api/v1/repos/.../.../issues/comments` and `codeberg.org/api/v1/repos/.../.../issues` routes. And I filtered "Ghost", everything which starts with `forgejo-`, `end-to-end` (and banned users). I fetched the API for the following repos: - On Codeberg: - forgejo/code-of-conduct - forgejo/design - forgejo/discussions - forgejo/docs - forgejo/forgejo - forgejo/governance - forgejo/sustainability - forgejo/user-research - forgejo/website - On code.forgejo.org: - forgejo/runner - forgejo/end-to-end - forgejo/act - forgejo/lxc-helpers - forgejo/forgejo-curl - forgejo/ovh-dns-update - forgejo/forgejo-build-publish - forgejo/renovate-config - forgejo/levelqueue - forgejo/forgejo-test-openldap - forgejo/go-rpmutils - forgejo/oci-mirror - forgejo/actions-proto - forgejo/action-website-preview - forgejo/next-instance - forgejo/release-tasks - forgejo/ci-image-builder - forgejo-helm/forgejo-helm - actions/cascading-pr - actions/setup-forgejo - actions/forgejo-release
Owner
Copy link

Some people are missing too in the list, because the activity feed does not contain everything.

In the past every link to a user was via CB (I saw you added some with code.forgejo.org). I'm fine, just wanted to add this.

Some people are missing too in the list, because the activity feed does not contain everything. In the past every link to a user was via CB (I saw you added some with code.forgejo.org). I'm fine, just wanted to add this.
Author
Member
Copy link

I'm happy to replace this list and this script, if you can provide the alternative.

I'm happy to replace this list and this script, if you can provide the alternative.
Beowulf left a comment
Copy link

Huge thanks to you!

Huge thanks to you!
@ -0,0 +14,4 @@
### Forgejo v15
[Forgejo v15.0.0](./2026-04-release-v15-0) was released on April 16.
As a long-term-support release, it will be supported with bug and security fixes until 15 July 2027.
Owner
Copy link

until 15 July 2027 -> maybe link to the release schedule?

`until 15 July 2027` -> maybe link to the release schedule?
mfenniak marked this conversation as resolved
@ -0,0 +44,4 @@
Forgejo Runner has received multiple releases since the last monthly report and is currently [v12.10.2](https://code.forgejo.org/forgejo/runner/releases/tag/v12.10.2).
With the introduction of the [new runner registration process in Forgejo 15](https://forgejo.org/docs/v15.0/admin/actions/registration/), all commands supporting the old process around the runner registration token and the `.runner` file have been deprecated (`register`, `create-runner-file`). However, support for `.runner` will be kept around for the foreseeable future. If your use cases aren't supported well by the new tooling, please let us know.
Owner
Copy link

s/new runner registration/new Runner registration/ ?

s/new runner registration/new Runner registration/ ?
Author
Member
Copy link

I think this is consistent with our documentation updates where we've been trying to normalize this -- "Forgejo Runner" to reference the software, forgejo-runner to reference a binary, but a "runner" to reference an installation. e.g. https://forgejo.org/docs/latest/admin/actions/ -> "Configure Forgejo Runner", "Choosing labels for the runner is the minimum required configuration", "Other runners".

There are other usages here of runner to note, if there's disagreement: "runner registration token", "managed runner scaling configurations".

I think this is consistent with our documentation updates where we've been trying to normalize this -- "Forgejo Runner" to reference the software, `forgejo-runner` to reference a binary, but a "runner" to reference an installation. e.g. https://forgejo.org/docs/latest/admin/actions/ -> "Configure Forgejo Runner", "Choosing labels for the runner is the minimum required configuration", "Other runners". There are other usages here of runner to note, if there's disagreement: "runner registration token", "managed runner scaling configurations".
Beowulf marked this conversation as resolved
@ -0,0 +48,4 @@
Apart from numerous bug fixes, the first features slated for Forgejo 16 have landed, too: entrypoint customization for [job containers](https://code.forgejo.org/forgejo/runner/pulls/1493) and [services](https://code.forgejo.org/forgejo/runner/pulls/1498).
As every month, the users of Forgejo Actions have been busy [filing feature requests](https://code.forgejo.org/forgejo/forgejo-actions-feature-requests/). One that has seen a lot of interest and discussion is [Pluggable Backend Architecture](https://code.forgejo.org/forgejo/forgejo-actions-feature-requests/issues/107). The aim is enabling the development of third-party plug-ins that can run jobs in alternative back-ends like virtual machines or Kubernetes. There is already a [working prototype that runs jobs in Kubernetes](https://codeberg.org/forgejo/discussions/issues/66#issuecomment-12615426).
Owner
Copy link

Is it filing or filling?

Is it filing or filling?
Author
Member
Copy link

I believe that filing is correct for putting new issues into a file; filling would be to make something full, like filling a tank.

I believe that filing is correct for putting new issues into a file; filling would be to make something full, like filling a tank.
Owner
Copy link

You still changed it to filling - was this by accident and should be reverted?

You still changed it to filling - was this by accident and should be reverted?
Author
Member
Copy link

That would have been an accident when looking at it - if you could correct, would appreciate, away from desk currently.

That would have been an accident when looking at it - if you could correct, would appreciate, away from desk currently.
Owner
Copy link

Done.

Done.
Beowulf marked this conversation as resolved
@ -0,0 +85,4 @@
Additionally, the pull requests referenced in the blog post have since been reviewed, and either merged, closed, or sent back to the author with requests for changes.
The blog author also noted that Forgejo's current security policy is a difficult read. We agree. A community member has started a discussion on updates to the policy (https://codeberg.org/forgejo/discussions/issues/462), and we support simplifying and cleaning this policy up.
Owner
Copy link

I would try to prevent using the word "we" (via rewording), because it is complicated to define what "we" means (also for the usages afterwards).

I would try to prevent using the word "we" (via rewording), because it is complicated to define what "we" means (also for the usages afterwards).
Author
Member
Copy link

This is a statement authored by and reviewed by the Forgejo Security team before being shared for update, which I think is present in the context of this section as it reads "Forgejo's security team initially chose to make no public response to this blog post. We internally ..." Let me know if you think this is sufficient or not.

This is a statement authored by and reviewed by the Forgejo Security team before being [shared for update](https://codeberg.org/forgejo/website/issues/839#issuecomment-14208296), which I think is present in the context of this section as it reads "Forgejo's security team initially chose to make no public response to this blog post. We internally ..." Let me know if you think this is sufficient or not.
Owner
Copy link

Yes, sorry, my fault. Haven't seen it is only in the security part used.

Yes, sorry, my fault. Haven't seen it is only in the security part used.
Beowulf marked this conversation as resolved
@ -0,0 +105,4 @@
### New Forgejo Actions APIs
An HTTP API for Forgejo Actions artifacts has been merged: https://codeberg.org/forgejo/forgejo/pulls/12140. [Endpoints for accessing logs of workflow runs and individual jobs](https://codeberg.org/forgejo/forgejo/pulls/12666) were added, too. If everything goes according to plan, it will be included in Forgejo v16.
Owner
Copy link
has been merged: ![#12140](https://codeberg.org/forgejo/forgejo/pulls/12140)
``` has been merged: ![#12140](https://codeberg.org/forgejo/forgejo/pulls/12140) ```
Author
Member
Copy link

Addressed, but slightly differently to be consistent with the next link as well: 249a0f4ded..7f48c49d2a

Addressed, but slightly differently to be consistent with the next link as well: https://codeberg.org/forgejo/website/compare/249a0f4ded2158f8faae8f2f138c15cb84bd0ad7..7f48c49d2a574c688f186e8e3a13d88a50b0ddf1
Beowulf marked this conversation as resolved
@ -0,0 +124,4 @@
The [Authorized Integrations documentation](https://forgejo.org/docs/next/user/authorized-integrations/) provides more information.
### Federation
Owner
Copy link

For a high-level overview, check out the [federation roadmap](https://codeberg.org/forgejo-contrib/federation/src/branch/main/FederationRoadmap.md).

`For a high-level overview, check out the [federation roadmap](https://codeberg.org/forgejo-contrib/federation/src/branch/main/FederationRoadmap.md).`
Author
Member
Copy link

As a document that hasn't been updated for 6 months and doesn't include the changes referenced here... I'm not sure that it's a good link to include?

As a document that hasn't been updated for 6 months and doesn't include the changes referenced here... I'm not sure that it's a good link to include?
Owner
Copy link

Makes sense, we had it only in all the previous reports, but makes sense 👍

Makes sense, we had it only in all the previous reports, but makes sense 👍
Beowulf marked this conversation as resolved
@ -0,0 +127,4 @@
[Federated user activity following](https://codeberg.org/forgejo/forgejo/pulls/4767) was merged after the capability to [follow remote users](https://codeberg.org/forgejo/forgejo/pulls/10380), concluding a series of pull requests concerning user activity following across Forgejo, Mastodon and GoToSocial instances.
> [!warning] Warning
Owner
Copy link

Would move the warning above?

Would move the warning above?
mfenniak marked this conversation as resolved
@ -0,0 +130,4 @@
> [!warning] Warning
> Federation is under active development and is still considered experimental. _Enabling it will forever make the domain Forgejo is running on unavailable for federation with other software._
## Forgejo Usage in the Wild
Owner
Copy link

Should usage be lowercased?

Should usage be lowercased?
Author
Member
Copy link

That doesn't feel correct to me. I've looked at capitalization style guides and it seems supported with this capitalization.

That doesn't feel correct to me. I've looked at capitalization style guides and it seems supported with this capitalization.
Beowulf marked this conversation as resolved
mfenniak force-pushed monthly-2026-05 from 249a0f4ded
All checks were successful
pr / preview (pull_request) Successful in 1m10s
to 7f48c49d2a
All checks were successful
pr / preview (pull_request) Successful in 1m4s
2026年06月07日 03:50:20 +02:00
Compare
Author
Member
Copy link

@Beowulf Thanks for the review. I've made this PR editable for maintainers if you'd be able to replace the contributor list with your version -- then I'll drop the script.

@Beowulf Thanks for the review. I've made this PR editable for maintainers if you'd be able to replace the contributor list with your version -- then I'll drop the script.
@ -0,0 +143,4 @@
The following list of contributors is intended to reflect this diversity and to acknowledge all the contributions made over the past month.
If you are missing, please [ask for an update](https://codeberg.org/forgejo/website/issues/new).
Member
Copy link

(TODO: add translators, seems only admins on Weblate Forgejo project can download this list)

(TODO: add translators, seems only admins on Weblate Forgejo project can download this list)
Owner
Copy link

I'm doing this.

I'm doing this.
Beowulf marked this conversation as resolved
famfo requested changes 2026年06月07日 16:09:05 +02:00
Dismissed
@ -0,0 +126,4 @@
### Federation
> [!warning] Warning
> Federation is under active development and is still considered experimental. _Enabling it will forever make the domain Forgejo is running on unavailable for federation with other software._
Member
Copy link
- > Federation is under active development and is still considered experimental. _Enabling it will forever make the domain Forgejo is running on unavailable for federation with other software._ 
+ Federation is under active development and is still considered experimental. _Enabling it can forever make the domain Forgejo is running on unavailable for federation with other software in the future._ See [the FAQ](https://forgejo.org/faq/#what-about-forge-federation) for more information.
```diff - > Federation is under active development and is still considered experimental. _Enabling it will forever make the domain Forgejo is running on unavailable for federation with other software._ + Federation is under active development and is still considered experimental. _Enabling it can forever make the domain Forgejo is running on unavailable for federation with other software in the future._ See [the FAQ](https://forgejo.org/faq/#what-about-forge-federation) for more information. ```
Beowulf marked this conversation as resolved
@ -0,0 +128,4 @@
> [!warning] Warning
> Federation is under active development and is still considered experimental. _Enabling it will forever make the domain Forgejo is running on unavailable for federation with other software._
[Federated user activity following](https://codeberg.org/forgejo/forgejo/pulls/4767) was merged after the capability to [follow remote users](https://codeberg.org/forgejo/forgejo/pulls/10380), concluding a series of pull requests concerning user activity following across Forgejo, Mastodon and GoToSocial instances.
Member
Copy link

I'd maybe reword this a bit, the ability to follow ActivityPub users and activity feed tab are the last few things from the Federated user activity following. A suggestion:

The last pull request taken from Federated user activity following was merged which introduces the ability to follow other ActivityPub users and introduces an ActivityPub feed for federated notes from other instances (currently only Forgejo, Mastodon and GoToSocial). The limitation on software federation is possible with will be removed in a future release.

I'd maybe reword this a bit, the ability to follow ActivityPub users and activity feed tab are the last few things from the Federated user activity following. A suggestion: The last [pull request](https://codeberg.org/forgejo/forgejo/pulls/10380) taken from [Federated user activity following](https://codeberg.org/forgejo/forgejo/pulls/4767) was merged which introduces the ability to follow other ActivityPub users and introduces an ActivityPub feed for federated notes from other instances (currently only Forgejo, Mastodon and GoToSocial). The limitation on software federation is possible with will be removed in a future release.
Beowulf marked this conversation as resolved
Beowulf force-pushed monthly-2026-05 from 7f48c49d2a
All checks were successful
pr / preview (pull_request) Successful in 1m4s
to df43233b3e
All checks were successful
pr / preview (pull_request) Successful in 1m6s
2026年06月07日 16:44:46 +02:00
Compare
Beowulf force-pushed monthly-2026-05 from df43233b3e
All checks were successful
pr / preview (pull_request) Successful in 1m6s
to a69785f37c
All checks were successful
pr / preview (pull_request) Successful in 1m5s
2026年06月07日 16:48:00 +02:00
Compare
Beowulf force-pushed monthly-2026-05 from a69785f37c
All checks were successful
pr / preview (pull_request) Successful in 1m5s
to 7512730bb7
All checks were successful
pr / preview (pull_request) Successful in 1m1s
2026年06月07日 17:02:09 +02:00
Compare
@ -0,0 +2,4 @@
title: Forgejo monthly report - May 2026
publishDate: 2026年06月07日
tags: ['news', 'report']
excerpt: Forgejo v15 was released, along with security releases. Forgejo Security responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing.
Member
Copy link

maybe?: The Forgejo Security team ...

maybe?: The Forgejo Security team ...
Beowulf marked this conversation as resolved
Beowulf force-pushed monthly-2026-05 from 7512730bb7
All checks were successful
pr / preview (pull_request) Successful in 1m1s
to 44c15455a1
All checks were successful
pr / preview (pull_request) Successful in 1m1s
2026年06月07日 19:21:51 +02:00
Compare
Beowulf force-pushed monthly-2026-05 from 44c15455a1
All checks were successful
pr / preview (pull_request) Successful in 1m1s
to e32debf169
All checks were successful
pr / preview (pull_request) Successful in 1m3s
2026年06月07日 21:52:06 +02:00
Compare
Beowulf force-pushed monthly-2026-05 from e32debf169
All checks were successful
pr / preview (pull_request) Successful in 1m3s
to eb186f1cdb
All checks were successful
pr / preview (pull_request) Successful in 1m1s
2026年06月07日 21:53:48 +02:00
Compare
Author
Member
Copy link

I cannot approve as the PR author, but I register my approval with your edits and agree this is ready for release. Thank you for the fix-ups!

I cannot approve as the PR author, but I register my approval with your edits and agree this is ready for release. Thank you for the fix-ups!

forgot to mention the Forgejo helm chart releases for Forgejo v15

forgot to mention the Forgejo helm chart releases for Forgejo v15

@viceice wrote in #927 (comment):

forgot to mention the Forgejo helm chart releases for Forgejo v15

If you want to have this added, could you draft a snippet or directly add it yourself?

@viceice wrote in https://codeberg.org/forgejo/website/pulls/927#issuecomment-16813931: > forgot to mention the Forgejo helm chart releases for Forgejo v15 If you want to have this added, could you draft a snippet or directly add it yourself?

@Beowulf wrote in #927 (comment):

@viceice wrote in #927 (comment):

forgot to mention the Forgejo helm chart releases for Forgejo v15

If you want to have this added, could you draft a snippet or directly add it yourself?

I can copy and add a snip from previous report later today

@Beowulf wrote in https://codeberg.org/forgejo/website/pulls/927#issuecomment-16817381: > @viceice wrote in #927 (comment): > > > forgot to mention the Forgejo helm chart releases for Forgejo v15 > > If you want to have this added, could you draft a snippet or directly add it yourself? I can copy and add a snip from previous report later today

@Beowulf wrote in #927 (comment):

@viceice wrote in #927 (comment):

forgot to mention the Forgejo helm chart releases for Forgejo v15

If you want to have this added, could you draft a snippet or directly add it yourself?

Forgejo Helm chart v17

Following the release of Forgejo v15, the Forgejo Helm chart received a new major release to update the default Forgejo version.
One patch and one minor release followed for the corresponding v15 patch releases: v17.0.1 and v17.1.0.
The minor release brought the values.schema.json file for easier values validation

### Forgejo Helm chart v17

Following the release of Forgejo v15, the Forgejo Helm chart received a [new major release](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.0) to update the default Forgejo version.
One patch and one minor release followed for the corresponding v15 patch releases: [v17.0.1](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.1) and [v17.1.0](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.1.0).
The minor release brought the `values.schema.json` file for easier values validation.
@Beowulf wrote in https://codeberg.org/forgejo/website/pulls/927#issuecomment-16817381: > @viceice wrote in #927 (comment): > > > forgot to mention the Forgejo helm chart releases for Forgejo v15 > > If you want to have this added, could you draft a snippet or directly add it yourself? ### Forgejo Helm chart v17 Following the release of Forgejo v15, the Forgejo Helm chart received a [new major release](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.0) to update the default Forgejo version. One patch and one minor release followed for the corresponding v15 patch releases: [v17.0.1](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.1) and [v17.1.0](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.1.0). The minor release brought the `values.schema.json` file for easier values validation ```md ### Forgejo Helm chart v17 Following the release of Forgejo v15, the Forgejo Helm chart received a [new major release](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.0) to update the default Forgejo version. One patch and one minor release followed for the corresponding v15 patch releases: [v17.0.1](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.0.1) and [v17.1.0](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases/tag/v17.1.0). The minor release brought the `values.schema.json` file for easier values validation. ```
Beowulf force-pushed monthly-2026-05 from f17ecd13ee
Some checks failed
pr / preview (pull_request) Has been cancelled
to cc3729a034
Some checks failed
pr / preview (pull_request) Failing after 1m47s
2026年06月08日 20:30:18 +02:00
Compare
@ -0,0 +2,4 @@
title: Forgejo monthly report - May 2026
publishDate: 2026年06月08日
tags: ['news', 'report']
excerpt: Forgejo v15 was released, along with security releases. The Forgejo Runner had multiple releases and the Forgejo Helm chart v17 was released. The Forgejo Security Team responds to community concerns. Forgejo Runner received multiple updates and the Forgejo v16 release is progressing.
Owner
Copy link

ups, duplicate Forgejo runner... in excerpt 😅

ups, duplicate `Forgejo runner...` in excerpt 😅
Owner
Copy link

See !933

See !933
Beowulf marked this conversation as resolved
Sign in to join this conversation.
Labels
Clear labels
404
Broken links or missing content
Accessibility
Accessibility
Blog post
Documentation
Forgejo Documentation
Internationalisation
i18n and l10n
User research - Accessibility
Requires input about accessibility features, likely involves user testing.
User research - Blocked
Do not pick as-is! We are happy if you can help, but please coordinate with ongoing redesign in this area.
User research - Community
Community features, such as discovering other people's work or otherwise feeling welcome on a Forgejo instance.
User research - Config (instance)
Instance-wide configuration, authentication and other admin-only needs.
User research - Errors
How to deal with errors in the application and write helpful error messages.
User research - Filters
How filter and search is being worked with.
User research - Future backlog
The issue might be inspiring for future design work.
User research - Git workflow
AGit, fork-based and new Git workflow, PR creation etc
User research - Labels
Active research about Labels
User research - Moderation
Moderation Featuers for Admins are undergoing active User Research
User research - Needs input
Use this label to let the User Research team know their input is requested.
User research - Notifications/Dashboard
Research on how users should know what to do next.
User research - Rendering
Text rendering, markup languages etc
User research - Repo creation
Active research about the New Repo dialog.
User research - Repo units
The repo sections, disabling them and the "Add more" button.
User research - Security
User research - Settings (in-app)
How to structure in-app settings in the future?
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
7 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo/website!927
Reference in a new issue
forgejo/website
No description provided.
Delete branch "mfenniak/forgejo-website:monthly-2026-05"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?