Forgejo 15.0 is now available as the latest major update to the self-hosted Git collaboration platform and serves as the project’s new long-term support release.
A key update is the introduction of repository-specific access tokens. Administrators and users can now restrict tokens to selected repositories, reducing unnecessary access. Repository API authorization has also been updated to support this enhanced security model.
Forgejo 15.0 also delivers a significant update to Forgejo Actions. Reusable workflows can now expand into individual jobs when the top-level runs-on field is omitted, allowing jobs to appear separately in logs and be dispatched independently to different runners.
OpenID Connect support for Forgejo Actions is another major addition. This feature enables workflows to authenticate with third-party systems using short-lived signed tokens rather than long-lived static secrets, reducing the risk of credential leaks or reuse. Support requires Forgejo v15.0 and Forgejo Runner versions later than 12.5.
The release introduces ephemeral runners, which execute a single job before their credentials are invalidated and registration is removed. This feature targets autoscaled runner fleets and advanced integrations that require temporary credentials and short-lived workers. In addition, runner setup has been improved with a new web-based registration workflow, replacing part of the previous command-line process.
The update also enhances the user interface by removing the Alt key requirement for label exclusion in filters, improving releases page responsiveness across devices, expanding Git notes editing in single-commit pull request views, and adding several screen reader accessibility improvements.
For more details, see the announcement.
Administrators planning upgrades should review the breaking changes. The default cookie names have changed, so users must sign in again after upgrading unless the previous cookie name is restored in the configuration.
Additionally, backward-compatibility logic for the rootless Docker config file location has been removed, affecting deployments that still use /etc/gitea instead of the updated path.
Forgejo operates on a three-month major release cycle, with patch releases provided as needed. With v15.0 now the current LTS branch, Forgejo 11.0 will remain supported until July 16, 2026.
