Back to Home

Forgejo v15.0 LTS: secure CI/CD and Git platform

The article describes key innovations in the Forgejo v15.0 LTS release: interface improvements, secure tokens tied to repositories, expanded CI/CD capabilities, and work with Git notes. The material is aimed at technical specialists and DevOps engineers.

Forgejo v15.0: what's new for developers and DevOps?
Advertisement 728x90

Forgejo v15.0 LTS: New Features for Secure and Flexible Collaborative Development

Forgejo v15.0 has been released — long-term support (LTS) until July 15, 2027. This is a stable release of the open-source platform designed for self-hosting Git repositories and CI/CD processes. Forgejo, a fork of Gitea, continues to evolve as an alternative to GitHub, GitLab, and Bitbucket, with a focus on privacy, infrastructure control, and extensibility.

User Interface Improvements

One of the key focuses in v15.0 was improving accessibility and usability. Previously, excluding labels when filtering issues required holding the Alt key — this created barriers for mobile users and those without keyboards. Now, the feature uses a visible button that can be clicked or tapped. This is especially important for touchscreens, where hovering isn't possible.

The releases page has been completely redesigned: responsive layout ensures proper display on any device format — from smartphones to desktop monitors. Issue filtering and browsing the releases list are now more intuitive, reducing cognitive load during daily project work.

Google AdInline article slot

Enhanced Notes and Commit Management

Developers now have more control over notes (Git notes). Previously, editing them was limited to the console or external tools. Now, in the pull request interface, you can:

  • add notes to individual commits;
  • edit existing notes directly in the web interface;
  • undo changes using the standard undo mechanism;
  • delete notes without needing to use the CLI.

These changes simplify documenting key decisions tied to specific commits, especially in teams that require change audits or context explanations without modifying the code itself.

Security Through Isolation: Repository-Bound Tokens

v15.0 introduces support for access tokens limited to a specific list of repositories. When creating a token via API or the web interface, an admin can explicitly specify which repositories it has access to. Such a token:

Google AdInline article slot
  • cannot perform operations on repositories outside the allowed list;
  • retains read access to public repositories (read-only);
  • reduces risks if compromised — a leak doesn't grant full access to the entire infrastructure.

This is particularly relevant for organizations using Forgejo in multi-tenant environments or granting access to external contractors.

Forgejo Actions: Scalability and Integration

The Forgejo Actions CI/CD system has received major improvements:

  • Support for reusable workflows allows centralizing build and test logic, avoiding configuration duplication.
  • OpenID Connect (OIDC) support simplifies secure integration with cloud providers (AWS, GCP, Azure) without storing long-lived secrets.
  • Forgejo Runner registration has been simplified — installation now requires fewer steps, and ephemeral runners automatically scale with load, then self-destruct after task completion, minimizing the attack surface.

These changes position Forgejo as a competitive solution for enterprise environments, where security, auditing, and regulatory compliance matter.

Google AdInline article slot

Key Highlights

  • Long-term support: The v15.0 LTS release will be supported until July 15, 2027.
  • Enhanced security: Repository-bound tokens and OIDC reduce leak risks.
  • Improved UX: The interface is now more accessible for mobile users and easier for daily use.
  • CI/CD flexibility: Reusable workflows and ephemeral runners simplify managing complex pipelines.
  • Open license: Code is distributed under MIT and GPLv3+, ensuring freedom to use and modify.

Forgejo continues to strengthen its position as a self-hosted alternative to commercial platforms, offering not just functionality but also control over data and processes. For DevOps engineers and teams valuing privacy and autonomy, it's becoming an increasingly attractive solution.

— Editorial Team

Advertisement 728x90

Read Next