From 31b06b4ab64b50956f638d1eecfe5337b0638c27 Mon Sep 17 00:00:00 2001
From: Andrey Epifantsev <epifantsev1aa@gmail.com>
Date: Wed, 27 Aug 2025 13:52:38 +0400
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=BE=20=D0=BF=D1=80=D0=B0=D0=B2=D0=B8=D0=BB=D0=BE=20?=
 =?UTF-8?q?=D0=B4=D0=BB=D1=8F=20=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=8B=20?=
 =?UTF-8?q?=D1=81=20gitea=20=D1=87=D0=B5=D1=80=D0=B5=D0=B7=20=D1=82=D0=BE?=
 =?UTF-8?q?=D0=BA=D0=B5=D0=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .cursor/rules/gitea-token.mdc | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .cursor/rules/gitea-token.mdc

diff --git a/.cursor/rules/gitea-token.mdc b/.cursor/rules/gitea-token.mdc
new file mode 100644
index 0000000..dc9d432
--- /dev/null
+++ b/.cursor/rules/gitea-token.mdc
@@ -0,0 +1,24 @@
+---
+description: Safe use of Gitea API token
+globs:
+alwaysApply: true
+---
+
+Rule: Gitea API token access and usage
+
+Source of token:
+- Environment variable `GITEA_TOKEN` must be set in the shell/session.
+
+Security:
+- Never print the token value to chat, logs, diffs, or console output.
+- Do not hardcode the token.
+- Do not store the token unencrypted on disk. Prefer environment variables or a secret manager.
+
+Setup:
+- Ensure `GITEA_TOKEN` is set before use (e.g., via secure secret manager or manual export without echoing the value).
+
+HTTP:
+- Add header: `Authorization: token $GITEA_TOKEN`.
+
+CLI/Scripts:
+- Pass `GITEA_TOKEN` to commands/scripts without printing its value.