From e411eb224c6235c6acca6b5a0f66ad5da89678c2 Mon Sep 17 00:00:00 2001
From: openhands <openhands@all-hands.dev>
Date: Wed, 25 Mar 2026 11:50:08 +0000
Subject: [PATCH] =?UTF-8?q?fix:=20Forgejo=2011.x=20ignores=20--must-change?=
 =?UTF-8?q?-password=3Dfalse=20=E2=80=94=20token=20creation=20fails=20with?=
 =?UTF-8?q?=20password=20change=20required=20(#665)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 bin/disinto | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/bin/disinto b/bin/disinto
index 1f7f1d3..e66fc47 100755
--- a/bin/disinto
+++ b/bin/disinto
@@ -398,6 +398,13 @@ setup_forge() {
       echo "  ${create_output}" >&2
       exit 1
     fi
+    # Forgejo 11.x ignores --must-change-password=false on create;
+    # explicitly clear the flag so basic-auth token creation works.
+    _forgejo_exec forgejo admin user change-password \
+      --username "${admin_user}" \
+      --password "${admin_pass}" \
+      --must-change-password=false
+
     # Verify admin user was actually created
     if ! curl -sf --max-time 5 "${forge_url}/api/v1/users/${admin_user}" >/dev/null 2>&1; then
       echo "Error: admin user '${admin_user}' not found after creation" >&2
@@ -447,6 +454,13 @@ setup_forge() {
         echo "  ${create_output}" >&2
         exit 1
       fi
+      # Forgejo 11.x ignores --must-change-password=false on create;
+      # explicitly clear the flag so basic-auth token creation works.
+      _forgejo_exec forgejo admin user change-password \
+        --username "${bot_user}" \
+        --password "${bot_pass}" \
+        --must-change-password=false
+
       # Verify bot user was actually created
       if ! curl -sf --max-time 5 \
         -H "Authorization: token ${admin_token}" \