v1.1.3: pi 0.79.4 → 0.79.5

docs(AGENTS): document GITEA_ACCESS_TOKEN env for general Gitea API access
GITEA_ACCESS_TOKEN + GITEA_HOST (passed from host .env via compose, primarily for gitea-mcp) are also usable for any direct Gitea API work — run inspection, tag checks — not just ci-release-watcher. Prefer over a PAT file when present; host-managed lifecycle, nothing to revoke. Release checklist step 7 now notes the env-token alternative.
2026-06-16 23:54:05 +02:00 · 2026-06-15 22:30:36 +02:00
2 changed files with 29 additions and 1 deletions
@@ -61,7 +61,24 @@ re-brand of opencode-devbox's `pi-only` variant.
 6. Verify the Hub tags appear (latest + vX.Y.Z, the `-studio` pair, plus
   base-latest if the base was rebuilt this run).
 7. **Revoke any short-lived Gitea PAT** used during the release at
-   `gitea.jordbo.se/user/settings/applications`.
+   `gitea.jordbo.se/user/settings/applications`. N/A if you used the
+   `GITEA_ACCESS_TOKEN` env var instead (see *Gitea API access* below) —
+   its lifecycle is managed host-side, nothing to revoke.
+
+## Gitea API access (env token)
+
+`GITEA_ACCESS_TOKEN` + `GITEA_HOST` are passed into the container from the
+host `.env` via `docker-compose.yml` (`${GITEA_ACCESS_TOKEN:-}` /
+`${GITEA_HOST:-}`), primarily to enable the `gitea-mcp` server. They are
+**not** baked into the image. When configured, they are also available for
+**any** direct Gitea API interaction from inside the container — inspecting
+CI runs, checking published tags, listing commits — e.g.
+`curl -H "Authorization: token $GITEA_ACCESS_TOKEN" "$GITEA_HOST/api/v1/repos/joakimp/pi-devbox/actions/runs?limit=5"`.
+Prefer this over a short-lived PAT file when the env token is present (the
+`ci-release-watcher` skill auto-detects it). Public-repo GET listings work
+unauthenticated too, so the token matters mainly for private repos or
+rate-limit headroom; its lifecycle is host-managed, so there is nothing to
+revoke after use. Never echo the token value (including into logs).

 ## Cache-hit footgun (must-know)

@@ -13,6 +13,17 @@ Pre-v1.0.0 tags followed the pi npm version (`v{pi_version}[letter]`).

 ## Unreleased

+## v1.1.3 — 2026-06-16
+
+Patch release: pi `0.79.4` → `0.79.5` (auto-resolved at build).
+
+### Changed
+
+- **pi bumped to `0.79.5`** (published upstream 2026-06-16). No image-side
+  changes beyond the pi npm version.
+
+---
+
 ## v1.1.2 — 2026-06-15

 Patch release: pi `0.79.3` → `0.79.4` (auto-resolved at build), plus the
Author	SHA1	Message	Date
Joakim Persson	c48abf41d1	v1.1.3: pi 0.79.4 → 0.79.5 Publish Docker Image / resolve-versions (push) Successful in 6s Details Publish Docker Image / base-decide (push) Successful in 11s Details Publish Docker Image / build-base (push) Has been skipped Details Publish Docker Image / smoke (push) Successful in 3m6s Details Publish Docker Image / smoke-studio (push) Successful in 9m55s Details Publish Docker Image / build-variant (push) Successful in 15m18s Details Publish Docker Image / promote-base-latest (push) Has been skipped Details Publish Docker Image / update-description (push) Successful in 11s Details Publish Docker Image / build-variant-studio (push) Successful in 25m41s Details	2026-06-16 23:54:05 +02:00
pi	777d53354f	docs(AGENTS): document GITEA_ACCESS_TOKEN env for general Gitea API access GITEA_ACCESS_TOKEN + GITEA_HOST (passed from host .env via compose, primarily for gitea-mcp) are also usable for any direct Gitea API work — run inspection, tag checks — not just ci-release-watcher. Prefer over a PAT file when present; host-managed lifecycle, nothing to revoke. Release checklist step 7 now notes the env-token alternative.	2026-06-15 22:30:36 +02:00