@aspruyt/xfg 3.9.4 → 3.9.6

package/README.md

@@ -8,7 +8,9 @@
 [![docs](https://img.shields.io/badge/docs-GitHub%20Pages-blue)](https://anthony-spruyt.github.io/xfg/)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
 
-A CLI tool for repository-as-code. Sync files and manage settings across GitHub, Azure DevOps, and GitLab.
+Manage files, settings, and repositories across GitHub, Azure DevOps, and GitLab — declaratively, from a single YAML config.
+
+Define your organization's standards once. xfg creates PRs to sync config files, applies repository settings and rulesets via API, and can even create, fork, or migrate repositories — all from one config file.
 
 **[Full Documentation](https://anthony-spruyt.github.io/xfg/)**
 
@@ -48,7 +50,7 @@ gh auth login
 # Sync files across repos
 xfg sync --config ./config.yaml
 
-# Apply repository settings
+# Apply repository settings and rulesets
 xfg settings --config ./config.yaml
 ```
 
@@ -56,7 +58,8 @@ xfg settings --config ./config.yaml
 
 ```yaml
 # sync-config.yaml
-id: my-org-config
+id: my-org-standards
+
 files:
   .prettierrc.json:
     content:
@@ -69,6 +72,7 @@ settings:
     allowSquashMerge: true
     deleteBranchOnMerge: true
     vulnerabilityAlerts: true
+    secretScanning: true
 
   rulesets:
     main-protection:
@@ -82,6 +86,10 @@ settings:
         - type: pull_request
           parameters:
             requiredApprovingReviewCount: 1
+        - type: required_status_checks
+          parameters:
+            requiredStatusChecks:
+              - context: "ci/build"
 
 repos:
   - git:
@@ -89,8 +97,8 @@ repos:
       - git@github.com:your-org/backend-api.git
 ```
 
-**Result:** PRs are created with `.prettierrc.json` files, and repos get standardized merge options, security settings, and branch protection rules.
+**Result:** PRs are created with `.prettierrc.json` files, and repos get standardized merge options, security settings, and branch protection rulesets.
 
 ## Documentation
 
-See **[anthony-spruyt.github.io/xfg](https://anthony-spruyt.github.io/xfg/)** for configuration reference, examples, platform setup, and troubleshooting.
+See **[anthony-spruyt.github.io/xfg](https://anthony-spruyt.github.io/xfg/)** for the full feature list, configuration reference, examples, platform setup, and troubleshooting.

package/dist/cli/program.js

@@ -27,7 +27,7 @@ function addSharedOptions(cmd) {
 // =============================================================================
 program
     .name("xfg")
-    .description("Sync files and manage settings across repositories")
+    .description("Manage files, settings, and repositories across GitHub, Azure DevOps, and GitLab")
     .version(packageJson.version);
 // Sync command (file synchronization)
 const syncCommand = new Command("sync")

package/dist/settings/repo-settings/github-repo-settings-strategy.js

@@ -1,6 +1,7 @@
 import { defaultExecutor, } from "../../shared/command-executor.js";
 import { isGitHubRepo, } from "../../shared/repo-detector.js";
 import { escapeShellArg } from "../../shared/shell-utils.js";
+import { withRetry } from "../../shared/retry-utils.js";
 /**
  * Converts camelCase to snake_case.
  */
@@ -181,9 +182,9 @@ export class GitHubRepoSettingsStrategy {
             (method === "POST" || method === "PUT" || method === "PATCH")) {
             const payloadJson = JSON.stringify(payload);
             const command = `echo ${escapeShellArg(payloadJson)} | ${tokenPrefix}${baseCommand} --input -`;
-            return await this.executor.exec(command, process.cwd());
+            return await withRetry(() => this.executor.exec(command, process.cwd()));
         }
         const command = `${tokenPrefix}${baseCommand}`;
-        return await this.executor.exec(command, process.cwd());
+        return await withRetry(() => this.executor.exec(command, process.cwd()));
     }
 }

package/dist/settings/rulesets/github-ruleset-strategy.js

@@ -1,6 +1,7 @@
 import { defaultExecutor, } from "../../shared/command-executor.js";
 import { isGitHubRepo, } from "../../shared/repo-detector.js";
 import { escapeShellArg } from "../../shared/shell-utils.js";
+import { withRetry } from "../../shared/retry-utils.js";
 // =============================================================================
 // Conversion Functions
 // =============================================================================
@@ -201,10 +202,10 @@ export class GitHubRulesetStrategy {
         if (payload && (method === "POST" || method === "PUT")) {
             const payloadJson = JSON.stringify(payload);
             const command = `echo ${escapeShellArg(payloadJson)} | ${tokenPrefix}${baseCommand} --input -`;
-            return await this.executor.exec(command, process.cwd());
+            return await withRetry(() => this.executor.exec(command, process.cwd()));
         }
         // For GET/DELETE, run command directly
         const command = `${tokenPrefix}${baseCommand}`;
-        return await this.executor.exec(command, process.cwd());
+        return await withRetry(() => this.executor.exec(command, process.cwd()));
     }
 }

package/dist/vcs/graphql-commit-strategy.js

@@ -1,6 +1,7 @@
 import { defaultExecutor, } from "../shared/command-executor.js";
 import { isGitHubRepo } from "../shared/repo-detector.js";
 import { escapeShellArg } from "../shared/shell-utils.js";
+import { withRetry, DEFAULT_PERMANENT_ERROR_PATTERNS, } from "../shared/retry-utils.js";
 /**
  * Maximum payload size for GitHub GraphQL API (50MB).
  * Base64 encoding adds ~33% overhead, so raw content should be checked.
@@ -29,6 +30,16 @@ export function validateBranchName(branchName) {
             `alphanumeric characters, hyphens, underscores, dots, and forward slashes.`);
     }
 }
+/**
+ * OID mismatch error patterns that should NOT be retried by the inner withRetry.
+ * The outer retry loop in commit() handles these by fetching a fresh HEAD OID.
+ */
+const OID_MISMATCH_PATTERNS = [
+    /expected branch to point to/i,
+    /expectedheadoid/i,
+    /head oid/i,
+    /was provided invalid value/i,
+];
 /**
  * GraphQL-based commit strategy using GitHub's createCommitOnBranch mutation.
  * Used with GitHub App authentication. Commits via this strategy ARE verified
@@ -162,7 +173,12 @@ export class GraphQLCommitStrategy {
         // GH_TOKEN env var must be set for the gh command (after the pipe), not echo
         const tokenPrefix = token ? `GH_TOKEN=${token} ` : "";
         const command = `echo ${escapeShellArg(requestBody)} | ${tokenPrefix}gh api graphql ${hostnameArg} --input -`;
-        const response = await this.executor.exec(command, workDir);
+        const response = await withRetry(() => this.executor.exec(command, workDir), {
+            permanentErrorPatterns: [
+                ...DEFAULT_PERMANENT_ERROR_PATTERNS,
+                ...OID_MISMATCH_PATTERNS,
+            ],
+        });
         // Parse the response
         const parsed = JSON.parse(response);
         if (parsed.errors) {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aspruyt/xfg",
-  "version": "3.9.4",
-  "description": "CLI tool for repository-as-code: sync files and manage settings across GitHub, Azure DevOps, and GitLab",
+  "version": "3.9.6",
+  "description": "Manage files, settings, and repositories across GitHub, Azure DevOps, and GitLab — declaratively, from a single YAML config",
   "type": "module",
   "main": "dist/index.js",
   "bin": {