Derive Gitea package owner dynamically

README.md

@@ -116,6 +116,8 @@ If a placeholder does not apply, remove it instead of inventing fake information
 
 Agents must not leave unresolved placeholders in copied files unless the value is genuinely unknown and marked as `PENDING`.
 
+Agents must derive `REPOSITORY_OWNER` and `REPOSITORY_NAME` from the target repository remote URL or `GITHUB_REPOSITORY`. Do not reuse the owner from this repository kit's own remote.
+
 <p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
 
 ## Agent Responsibilities

existing-project.md

@@ -48,6 +48,8 @@ Identify:
 - existing release notes or changelog,
 - security-sensitive behavior.
 
+Derive the repository owner and repository name from the target repository remote URL or `GITHUB_REPOSITORY`. Do not copy the owner from this repository kit's own remote.
+
 If a matching stack profile exists in `profiles/`, read it before changing commands, CI, or ignore rules.
 
 ### 2. Add Agent Context

files/AGENTS.md

@@ -16,6 +16,7 @@ PROJECT_NAME: PROJECT_DESCRIPTION
 - Do not create a release unless explicitly requested.
 - Check `git status --short` before editing and before finishing. Preserve unrelated user changes.
 - Replace all applicable placeholders. Remove non-applicable placeholder sections instead of leaving fake values.
+- Derive `REPOSITORY_OWNER` and `REPOSITORY_NAME` from the target repository remote or `GITHUB_REPOSITORY`. Never reuse the owner from this template repository.
 - If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
 - After pushing commits that trigger a Gitea workflow, poll the workflow run until it succeeds. If it fails or is cancelled, inspect the failing job/logs, fix the issue when in scope, push again, and repeat the workflow check loop. Fixing and pushing a workflow failure is not a stopping point.
 - When the project uses `blueprint.md` and `blueprint.json` for README generation, keep the rainbow `{{ template:section-line }}` divider between major README sections. Do not replace it with plain `---` unless the target renderer cannot display inline images.

files/build-gitea.yml

@@ -54,8 +54,14 @@ jobs:
           app_version="PROJECT_VERSION"
           package_version="${app_version}-${GITHUB_SHA::7}"
           package_name="PACKAGE_NAME"
+          repository_owner="${GITHUB_REPOSITORY_OWNER:-${GITHUB_REPOSITORY%%/*}}"
+          if [ -z "${repository_owner}" ] || [ "${repository_owner}" = "${GITHUB_REPOSITORY}" ]; then
+            repository_owner="REPOSITORY_OWNER"
+          fi
+          gitea_server="${GITHUB_SERVER_URL:-https://git.wilkensxl.de}"
+          gitea_server="${gitea_server%/}"
           package_dir="package-registry"
-          latest_url="https://git.wilkensxl.de/api/packages/REPOSITORY_OWNER/generic/PACKAGE_NAME/latest"
+          latest_url="${gitea_server}/api/packages/${repository_owner}/generic/${package_name}/latest"
 
           mapfile -d '' artifacts < <(find ARTIFACT_OUTPUT_DIRECTORY -maxdepth 1 -type f -print0)
           if [ "${#artifacts[@]}" -eq 0 ]; then
@@ -79,12 +85,12 @@ jobs:
             cp "$artifact" "${package_dir}/versioned/${safe_name}"
 
             curl --fail-with-body \
-              --user "REPOSITORY_OWNER:${REGISTRY_TOKEN}" \
+              --user "${repository_owner}:${REGISTRY_TOKEN}" \
               --upload-file "${package_dir}/versioned/${safe_name}" \
-              "https://git.wilkensxl.de/api/packages/REPOSITORY_OWNER/generic/PACKAGE_NAME/${package_version}/${safe_name}"
+              "${gitea_server}/api/packages/${repository_owner}/generic/${package_name}/${package_version}/${safe_name}"
           done
 
-          curl --silent --show-error --user "REPOSITORY_OWNER:${REGISTRY_TOKEN}" --request DELETE "${latest_url}" || true
+          curl --silent --show-error --user "${repository_owner}:${REGISTRY_TOKEN}" --request DELETE "${latest_url}" || true
 
           for artifact in "${artifacts[@]}"; do
             extension=""
@@ -99,7 +105,7 @@ jobs:
             cp "$artifact" "${package_dir}/latest/${safe_name}"
 
             curl --fail-with-body \
-              --user "REPOSITORY_OWNER:${REGISTRY_TOKEN}" \
+              --user "${repository_owner}:${REGISTRY_TOKEN}" \
               --upload-file "${package_dir}/latest/${safe_name}" \
               "${latest_url}/${safe_name}"
           done

new-repository.md

@@ -72,6 +72,8 @@ REPOSITORY_OWNER
 REPOSITORY_NAME
 ```
 
+Derive `REPOSITORY_OWNER` and `REPOSITORY_NAME` from the target repository remote URL or `GITHUB_REPOSITORY`. Do not copy the owner from this repository kit's own remote.
+
 Optional:
 
 ```text