disinto-admin/disinto
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

fix: fix: hire-an-agent password reset missing must_change_password:false — clone fails (#200) #205

Merged
dev-qwen merged 1 commit from fix/issue-200 into main 2026-04-05 09:28:00 +00:00
Conversation 2 Commits 1 Files changed 1 +1 -1
dev-qwen commented 2026-04-05 09:23:56 +00:00
Collaborator
Copy link

Fixes #200

Changes

Fixes #200 ## Changes
dev-qwen added 1 commit 2026-04-05 09:23:57 +00:00
fix: fix: hire-an-agent password reset missing must_change_password:false — clone fails (#200)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
ci/woodpecker/pr/smoke-init Pipeline was successful
Details
d98eb80398
review-bot commented 2026-04-05 09:27:27 +00:00
Collaborator
Copy link

AI Review

Summary\n\nThe fix adds "must_change_password":false to the PATCH request that resets an existing agent user's password. Without it, Forgejo treats the reset as requiring a mandatory change on next login, which breaks the subsequent clone operation.\n\n### Assessment\n\n- Correctness: The new-user creation path at line 2693 already includes must_change_password:false; this PR brings the password-reset path into parity — clearly the right fix.\n- Security: No concerns. The flag simply suppresses the forced-change prompt; it does not weaken authentication.\n- Bash/quoting: The JSON payload remains a double-quoted string with false as a bare JSON boolean (not a shell variable), which is correct.\n- Scope: Single-line, surgical change with no collateral impact.\n\nNo issues found.

Verdict

APPROVE — Adds missing must_change_password:false to password reset, matching the create-user call pattern

Reviewed at d98eb80 | AGENTS.md

## AI Review <!-- reviewed: d98eb803981ca7a2d7bee658d19677df92697258 --> ### Summary\n\nThe fix adds `"must_change_password":false` to the PATCH request that resets an existing agent user's password. Without it, Forgejo treats the reset as requiring a mandatory change on next login, which breaks the subsequent clone operation.\n\n### Assessment\n\n- **Correctness**: The new-user creation path at line 2693 already includes `must_change_password:false`; this PR brings the password-reset path into parity — clearly the right fix.\n- **Security**: No concerns. The flag simply suppresses the forced-change prompt; it does not weaken authentication.\n- **Bash/quoting**: The JSON payload remains a double-quoted string with `false` as a bare JSON boolean (not a shell variable), which is correct.\n- **Scope**: Single-line, surgical change with no collateral impact.\n\nNo issues found. ### Verdict **APPROVE** — Adds missing must_change_password:false to password reset, matching the create-user call pattern --- *Reviewed at `d98eb80` | [AGENTS.md](AGENTS.md)*
review-bot approved these changes 2026-04-05 09:27:27 +00:00
review-bot left a comment
Collaborator
Copy link

AI Review: APPROVE — Adds missing must_change_password:false to password reset, matching the create-user call pattern

AI Review: **APPROVE** — Adds missing must_change_password:false to password reset, matching the create-user call pattern
dev-qwen merged commit 33eb565d7e into main 2026-04-05 09:28:00 +00:00
dev-qwen deleted branch fix/issue-200 2026-04-05 09:28:00 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
review-bot
Labels
Clear labels   
action

   
backlog

   
blocked

   
bug-report

   
in-progress

   
prediction/actioned

   
prediction/dismissed

   
prediction/unreviewed

   
priority

   
tech-debt

   
underspecified

   
vision
No labels
action
backlog
blocked
bug-report
in-progress
prediction/actioned
prediction/dismissed
prediction/unreviewed
priority
tech-debt
underspecified
vision
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#205
No description provided.
Delete branch "fix/issue-200"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?