azdo-cli 0.10.0-develop.423 → 0.10.0-develop.479

package/README.md

@@ -58,7 +58,7 @@ azdo pr comments                        # active-branch PR
 azdo pr comments --pr-number 64         # any PR by number (skips branch lookup)
 azdo pr comments --pr-number 64 --hide-resolved      # or --exclude-resolved (alias)
 azdo pr comments --code-related-only    # only file/line-anchored threads
-azdo pr status                          # PR checks (status + branch policies) + code-comment counts
+azdo pr status                          # PR checks (status + branch policies + pipeline builds) + code-comment counts
 azdo pr comment-resolve 17 --pr-number 64   # idempotent: exit 0 even when already resolved
 azdo pr comment-reopen 17  --pr-number 64
 

package/dist/{chunk-C7RAZJHV.js → chunk-XVXMDWQE.js}

@@ -65,6 +65,7 @@ var SETTINGS = [
   }
 ];
 var VALID_KEYS = SETTINGS.map((s) => s.key);
+var SCOPED_KEYS = ["project", "fields", "markdown"];
 function getConfigPath() {
   return path.join(os.homedir(), ".azdo", "config.json");
 }
@@ -88,6 +89,20 @@ function loadConfig() {
   }
 }
 function saveConfig(config) {
+  if (config.organizations) {
+    const normalised = {};
+    for (const [k, v] of Object.entries(config.organizations)) {
+      if (v && Object.keys(v).length > 0) {
+        normalised[k.toLowerCase()] = v;
+      }
+    }
+    if (Object.keys(normalised).length > 0) {
+      config = { ...config, organizations: normalised };
+    } else {
+      const { organizations: _, ...rest } = config;
+      config = rest;
+    }
+  }
   const configPath = getConfigPath();
   const dir = path.dirname(configPath);
   fs.mkdirSync(dir, { recursive: true });
@@ -126,6 +141,115 @@ function unsetConfigValue(key) {
   delete config[key];
   saveConfig(config);
 }
+function resolveScopedConfig(org) {
+  const config = loadConfig();
+  const base = {
+    project: config.project,
+    fields: config.fields,
+    markdown: config.markdown,
+    org: config.org
+  };
+  if (!org) return base;
+  const scope = config.organizations?.[org.toLowerCase()];
+  if (!scope) return base;
+  return {
+    org: config.org,
+    project: scope.project ?? config.project,
+    fields: scope.fields ?? config.fields,
+    markdown: scope.markdown ?? config.markdown
+  };
+}
+function validateScopedKey(key) {
+  if (!SCOPED_KEYS.includes(key)) {
+    throw new Error(
+      `Invalid scoped key "${key}". Valid scoped keys: ${SCOPED_KEYS.join(", ")}`
+    );
+  }
+}
+function applyValueToScope(scope, key, value) {
+  if (key === "fields") {
+    return { ...scope, fields: value.split(",").map((s) => s.trim()).filter(Boolean) };
+  }
+  if (key === "markdown") {
+    if (value !== "true" && value !== "false") {
+      throw new Error(`Invalid value "${value}" for markdown. Must be "true" or "false".`);
+    }
+    return { ...scope, markdown: value === "true" };
+  }
+  return { ...scope, [key]: value };
+}
+function setOrgScopedValue(org, key, value) {
+  validateScopedKey(key);
+  const config = loadConfig();
+  const lc = org.toLowerCase();
+  const existing = config.organizations?.[lc] ?? {};
+  const updated = applyValueToScope(existing, key, value);
+  saveConfig({
+    ...config,
+    organizations: { ...config.organizations, [lc]: updated }
+  });
+}
+function unsetOrgScopedValue(org, key) {
+  validateScopedKey(key);
+  const config = loadConfig();
+  const lc = org.toLowerCase();
+  const scope = config.organizations?.[lc];
+  if (!scope) return;
+  const { [key]: _, ...rest } = scope;
+  saveConfig({
+    ...config,
+    organizations: { ...config.organizations, [lc]: rest }
+  });
+}
+function getOrgScopedValue(org, key) {
+  validateScopedKey(key);
+  const config = loadConfig();
+  const scope = config.organizations?.[org.toLowerCase()];
+  return scope?.[key];
+}
+function readScope(config, name) {
+  if (name === "default") {
+    const { org: _o, organizations: _orgs, ...defaults } = config;
+    return defaults;
+  }
+  return config.organizations?.[name.toLowerCase()] ?? {};
+}
+function copyOrgScope(from, to, force = false) {
+  const config = loadConfig();
+  const source = readScope(config, from);
+  const toLc = to.toLowerCase();
+  const dest = config.organizations?.[toLc] ?? {};
+  if (!force) {
+    const collisions = Object.keys(source).filter(
+      (k) => dest[k] !== void 0
+    );
+    if (collisions.length > 0) {
+      throw new Error(
+        `Scope "${toLc}" already has values for: ${collisions.join(", ")}. Use --force to overwrite.`
+      );
+    }
+  }
+  saveConfig({
+    ...config,
+    organizations: {
+      ...config.organizations,
+      [toLc]: { ...dest, ...source }
+    }
+  });
+}
+function moveOrgScope(from, to, force = false) {
+  copyOrgScope(from, to, force);
+  if (from !== "default") {
+    deleteOrgScope(from);
+  }
+}
+function deleteOrgScope(name) {
+  const config = loadConfig();
+  const lc = name.toLowerCase();
+  if (!config.organizations?.[lc]) return;
+  const { [lc]: _, ...rest } = config.organizations;
+  saveConfig({ ...config, organizations: rest });
+}
 
 // src/services/oauth-config.ts
 var DEFAULT_OAUTH_CLIENT_ID = "872cd9fa-d31f-45e0-9eab-6e460a02d1f1";
@@ -864,7 +988,7 @@ async function deletePat(org) {
   }
   try {
     const { unlinkSync: unlinkSync2 } = await import("fs");
-    const { lockPath: lockPath2 } = await import("./oauth-token-refresh-PHW66RC4.js");
+    const { lockPath: lockPath2 } = await import("./oauth-token-refresh-7FQ4VAIS.js");
     unlinkSync2(lockPath2(org));
   } catch {
   }
@@ -1061,6 +1185,13 @@ export {
   getConfigValue,
   setConfigValue,
   unsetConfigValue,
+  resolveScopedConfig,
+  setOrgScopedValue,
+  unsetOrgScopedValue,
+  getOrgScopedValue,
+  copyOrgScope,
+  moveOrgScope,
+  deleteOrgScope,
   maskedDisplay,
   normalizePat,
   AZDO_RESOURCE_ID,

package/dist/index.js

@@ -6,15 +6,19 @@ import {
   SETTINGS,
   appendAuthAuditEvent,
   buildScopeString,
+  copyOrgScope,
   defaultScopes,
+  deleteOrgScope,
   deletePat,
   firstPartyShippedScopes,
   getConfigValue,
+  getOrgScopedValue,
   getPat,
   getStoredCredential,
   listOrgsWithStoredPat,
   loadConfig,
   maskedDisplay,
+  moveOrgScope,
   normalizePat,
   openUrl,
   probeBackend,
@@ -22,13 +26,16 @@ import {
   readTokenResponse,
   refreshIfNeeded,
   resolveOAuthConfig,
+  resolveScopedConfig,
   runAuthCodeFlow,
   setConfigValue,
+  setOrgScopedValue,
   storeOAuthCredential,
   storePat,
   tokenResponseToCredential,
-  unsetConfigValue
-} from "./chunk-C7RAZJHV.js";
+  unsetConfigValue,
+  unsetOrgScopedValue
+} from "./chunk-XVXMDWQE.js";
 
 // src/index.ts
 import { Command as Command16 } from "commander";
@@ -245,28 +252,66 @@ async function fetchWorkItemResponse(context, id, cred, options = {}) {
   }
   return await response.json();
 }
-async function getWorkItem(context, id, cred, extraFields) {
-  const normalizedExtraFields = extraFields ? normalizeFieldList(extraFields) : [];
-  const data = normalizedExtraFields.length > 0 ? await fetchWorkItemResponse(context, id, cred, {
-    fields: normalizeFieldList([...DEFAULT_FIELDS, ...normalizedExtraFields])
-  }) : await fetchWorkItemResponse(context, id, cred, { includeRelations: true });
-  const relationsData = normalizedExtraFields.length > 0 ? await fetchWorkItemResponse(context, id, cred, { includeRelations: true }) : data;
-  const descriptionParts = [];
-  if (data.fields["System.Description"]) {
-    descriptionParts.push({ label: "Description", value: data.fields["System.Description"] });
+async function getOrgFieldNames(context, cred) {
+  const url = new URL(
+    `https://dev.azure.com/${encodeURIComponent(context.org)}/_apis/wit/fields`
+  );
+  url.searchParams.set("api-version", "7.1");
+  const response = await fetchWithErrors(url.toString(), { headers: authHeaders(cred) });
+  if (!response.ok) {
+    throw new Error(`HTTP_${response.status}`);
   }
-  if (data.fields["Microsoft.VSTS.Common.AcceptanceCriteria"]) {
-    descriptionParts.push({ label: "Acceptance Criteria", value: data.fields["Microsoft.VSTS.Common.AcceptanceCriteria"] });
+  const data = await response.json();
+  return (data.value ?? []).map((f) => f.referenceName);
+}
+function buildCombinedDescription(fields) {
+  const parts = [];
+  if (fields["System.Description"]) {
+    parts.push({ label: "Description", value: fields["System.Description"] });
+  }
+  if (fields["Microsoft.VSTS.Common.AcceptanceCriteria"]) {
+    parts.push({ label: "Acceptance Criteria", value: fields["Microsoft.VSTS.Common.AcceptanceCriteria"] });
+  }
+  if (fields["Microsoft.VSTS.TCM.ReproSteps"]) {
+    parts.push({ label: "Repro Steps", value: fields["Microsoft.VSTS.TCM.ReproSteps"] });
   }
-  if (data.fields["Microsoft.VSTS.TCM.ReproSteps"]) {
-    descriptionParts.push({ label: "Repro Steps", value: data.fields["Microsoft.VSTS.TCM.ReproSteps"] });
+  if (parts.length === 0) return null;
+  if (parts.length === 1) return parts[0].value;
+  return parts.map((p) => `<h3>${p.label}</h3>${p.value}`).join("");
+}
+async function fetchWorkItemWithFallback(context, id, cred, normalizedExtraFields) {
+  try {
+    const data = await fetchWorkItemResponse(context, id, cred, {
+      fields: normalizeFieldList([...DEFAULT_FIELDS, ...normalizedExtraFields])
+    });
+    return { data, effectiveExtraFields: normalizedExtraFields };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    if (!msg.includes("TF51535")) throw err;
+    const orgFieldNames = await getOrgFieldNames(context, cred);
+    const orgFieldsLower = new Set(orgFieldNames.map((n) => n.toLowerCase()));
+    const missing = normalizedExtraFields.filter((f) => !orgFieldsLower.has(f.toLowerCase()));
+    const effectiveExtraFields = normalizedExtraFields.filter((f) => orgFieldsLower.has(f.toLowerCase()));
+    for (const f of missing) {
+      process.stderr.write(`azdo: warning: field '${f}' does not exist in organization '${context.org}' and was skipped
+`);
+    }
+    const data = await fetchWorkItemResponse(context, id, cred, {
+      fields: normalizeFieldList([...DEFAULT_FIELDS, ...effectiveExtraFields])
+    });
+    return { data, effectiveExtraFields };
   }
-  let combinedDescription = null;
-  if (descriptionParts.length === 1) {
-    combinedDescription = descriptionParts.at(0)?.value ?? null;
-  } else if (descriptionParts.length > 1) {
-    combinedDescription = descriptionParts.map((p) => `<h3>${p.label}</h3>${p.value}`).join("");
+}
+async function getWorkItem(context, id, cred, extraFields) {
+  const normalizedExtraFields = extraFields ? normalizeFieldList(extraFields) : [];
+  let effectiveExtraFields = normalizedExtraFields;
+  let data;
+  if (normalizedExtraFields.length > 0) {
+    ({ data, effectiveExtraFields } = await fetchWorkItemWithFallback(context, id, cred, normalizedExtraFields));
+  } else {
+    data = await fetchWorkItemResponse(context, id, cred, { includeRelations: true });
   }
+  const relationsData = normalizedExtraFields.length > 0 ? await fetchWorkItemResponse(context, id, cred, { includeRelations: true }) : data;
   return {
     id: data.id,
     rev: data.rev,
@@ -274,11 +319,11 @@ async function getWorkItem(context, id, cred, extraFields) {
     state: data.fields["System.State"],
     type: data.fields["System.WorkItemType"],
     assignedTo: data.fields["System.AssignedTo"]?.displayName ?? null,
-    description: combinedDescription,
+    description: buildCombinedDescription(data.fields),
     areaPath: data.fields["System.AreaPath"],
     iterationPath: data.fields["System.IterationPath"],
     url: data._links.html.href,
-    extraFields: normalizedExtraFields.length > 0 ? buildExtraFields(data.fields, normalizedExtraFields) : null,
+    extraFields: effectiveExtraFields.length > 0 ? buildExtraFields(data.fields, effectiveExtraFields) : null,
     attachments: extractAttachments(relationsData.relations)
   };
 }
@@ -765,23 +810,39 @@ async function status() {
 }
 
 // src/services/git-remote.ts
-import { execSync } from "child_process";
+import { execFileSync } from "child_process";
+import fs from "fs";
+import path from "path";
 
 // src/services/remote-warning.ts
-var WARNING = "azdo: warning: origin includes embedded credentials; consider removing them with 'git remote set-url origin <clean-url>'\n";
 var warned = false;
-function noticeCredentialBearingRemote() {
+function buildWarning(remoteName) {
+  return `azdo: warning: ${remoteName} includes embedded credentials; consider removing them with 'git remote set-url ${remoteName} <clean-url>'
+`;
+}
+function noticeCredentialBearingRemote(remoteName = "origin") {
   if (warned) {
     return;
   }
   warned = true;
   try {
-    process.stderr.write(WARNING);
+    process.stderr.write(buildWarning(remoteName));
   } catch {
   }
 }
 
 // src/services/git-remote.ts
+var GIT_BINARY = (() => {
+  const known = process.platform === "win32" ? [String.raw`C:\Program Files\Git\bin\git.exe`, String.raw`C:\Program Files (x86)\Git\bin\git.exe`] : ["/usr/bin/git", "/usr/local/bin/git", "/opt/homebrew/bin/git"];
+  return known.find((p) => {
+    try {
+      execFileSync(p, ["--version"], { stdio: "ignore" });
+      return true;
+    } catch {
+      return false;
+    }
+  }) ?? "git";
+})();
 var patterns = [
   // HTTPS (current): https://[user[:token]@]dev.azure.com/{org}/{project}/_git/{repo}[.git]
   /^https?:\/\/(?:[^@/]+@)?dev\.azure\.com\/([^/]+)\/([^/]+)\/_git\/([^/]+?)(?:\.git)?$/,
@@ -794,41 +855,137 @@ var patterns = [
   // SSH (legacy): {org}@vs-ssh.visualstudio.com:v3/{org}/{project}/{repo}[.git]
   /^[^@]+@vs-ssh\.visualstudio\.com:v3\/([^/]+)\/([^/]+)\/([^/]+?)(?:\.git)?$/
 ];
-var httpsUserinfo = /^https?:\/\/[^@/]+@/;
-function parseAzdoRemote(url) {
+var httpsEmbeddedSecret = /^https?:\/\/[^:@/]+:[^@/]+@/;
+function parseSingleRemoteLine(line) {
+  const trimmed = line.trim();
+  if (!trimmed) return null;
+  const tabIdx = trimmed.indexOf("	");
+  if (tabIdx === -1) return null;
+  const remoteName = trimmed.slice(0, tabIdx);
+  const afterTab = trimmed.slice(tabIdx + 1);
+  const urlEnd = afterTab.lastIndexOf(" (");
+  const url = urlEnd === -1 ? afterTab : afterTab.slice(0, urlEnd);
+  return { remoteName, url };
+}
+function matchAzdoRemote(remoteName, url) {
   for (const pattern of patterns) {
     const match = pattern.exec(url);
-    if (match) {
-      if (httpsUserinfo.test(url)) {
-        noticeCredentialBearingRemote();
+    if (!match) continue;
+    const project = match[2];
+    if (/^DefaultCollection$/i.test(project)) return null;
+    return { remoteName, org: match[1], project, hasEmbeddedSecret: httpsEmbeddedSecret.test(url) };
+  }
+  return null;
+}
+function parseAllAzdoRemotes(output) {
+  const seen = /* @__PURE__ */ new Set();
+  const results = [];
+  for (const line of output.split("\n")) {
+    const parsed = parseSingleRemoteLine(line);
+    if (!parsed) continue;
+    const { remoteName, url } = parsed;
+    if (seen.has(remoteName)) continue;
+    const candidate = matchAzdoRemote(remoteName, url);
+    if (candidate) {
+      seen.add(remoteName);
+      results.push(candidate);
+    }
+  }
+  return results;
+}
+function selectRemote(candidates) {
+  if (candidates.length === 0) {
+    throw new Error("No Azure DevOps remote found. Provide --org and --project explicitly.");
+  }
+  const origin = candidates.find((c) => c.remoteName === "origin");
+  if (origin) return origin;
+  if (candidates.length === 1) return candidates[0];
+  const first = candidates[0];
+  const allSame = candidates.every(
+    (c) => c.org.toLowerCase() === first.org.toLowerCase() && c.project.toLowerCase() === first.project.toLowerCase()
+  );
+  if (allSame) return first;
+  const lines = candidates.map((c) => `  ${c.remoteName.padEnd(8)} \u2192 ${c.org}/${c.project}`).join("\n");
+  throw new Error(
+    `Multiple Azure DevOps remotes found with different org/project:
+${lines}
+Use --org/--project (or 'git remote rename <name> origin') to disambiguate.`
+  );
+}
+function readGitConfigContent() {
+  const gitDirEnv = process.env.GIT_DIR;
+  if (gitDirEnv) {
+    return fs.readFileSync(path.join(gitDirEnv, "config"), "utf-8");
+  }
+  let dir = process.cwd();
+  for (; ; ) {
+    const gitPath = path.join(dir, ".git");
+    try {
+      const stat = fs.statSync(gitPath);
+      if (stat.isDirectory()) {
+        return fs.readFileSync(path.join(gitPath, "config"), "utf-8");
       }
-      const project = match[2];
-      if (/^DefaultCollection$/i.test(project)) {
-        return { org: match[1], project: "" };
+      if (stat.isFile()) {
+        const ref = fs.readFileSync(gitPath, "utf-8");
+        const m = /^gitdir:[ \t]*([^\r\n]+)/m.exec(ref);
+        if (m) {
+          return fs.readFileSync(path.join(path.resolve(dir, m[1].trim()), "config"), "utf-8");
+        }
+      }
+    } catch {
+    }
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  throw new Error("Not in a git repository. Provide --org and --project explicitly.");
+}
+function gitConfigToRemoteLines(configContent) {
+  const lines = [];
+  let currentRemote = null;
+  let emittedUrl = false;
+  for (const line of configContent.split("\n")) {
+    const sectionMatch = /^\[remote\s+"([^"]+)"\]/.exec(line);
+    if (sectionMatch) {
+      currentRemote = sectionMatch[1];
+      emittedUrl = false;
+      continue;
+    }
+    if (line.startsWith("[")) {
+      currentRemote = null;
+      emittedUrl = false;
+      continue;
+    }
+    if (currentRemote && !emittedUrl) {
+      const urlMatch = /^[ \t]+url[ \t]*=[ \t]*([^\r\n]+)/.exec(line);
+      if (urlMatch) {
+        lines.push(`${currentRemote}	${urlMatch[1].trim()} (fetch)`);
+        emittedUrl = true;
       }
-      return { org: match[1], project };
     }
   }
-  return null;
+  return lines.join("\n");
 }
 function detectAzdoContext() {
-  let remoteUrl;
+  let configContent;
   try {
-    remoteUrl = execSync("git remote get-url origin", { encoding: "utf-8" }).trim();
+    configContent = readGitConfigContent();
   } catch {
     throw new Error("Not in a git repository. Provide --org and --project explicitly.");
   }
-  const context = parseAzdoRemote(remoteUrl);
-  if (!context || !context.org && !context.project) {
-    throw new Error('Git remote "origin" is not an Azure DevOps URL. Provide --org and --project explicitly.');
+  const remoteLines = gitConfigToRemoteLines(configContent);
+  const candidates = parseAllAzdoRemotes(remoteLines);
+  const selected = selectRemote(candidates);
+  if (selected.hasEmbeddedSecret) {
+    noticeCredentialBearingRemote(selected.remoteName);
   }
-  return context;
+  return { org: selected.org, project: selected.project };
 }
 function parseRepoName(url) {
   for (const pattern of patterns) {
     const match = pattern.exec(url);
     if (match) {
-      if (httpsUserinfo.test(url)) {
+      if (httpsEmbeddedSecret.test(url)) {
         noticeCredentialBearingRemote();
       }
       return match[3];
@@ -839,7 +996,7 @@ function parseRepoName(url) {
 function detectRepoName() {
   let remoteUrl;
   try {
-    remoteUrl = execSync("git remote get-url origin", { encoding: "utf-8" }).trim();
+    remoteUrl = execFileSync(GIT_BINARY, ["remote", "get-url", "origin"], { encoding: "utf-8", stdio: ["ignore", "pipe", "ignore"] }).trim();
   } catch {
     throw new Error('Not in a git repository. Check that git remote "origin" exists and try again.');
   }
@@ -850,7 +1007,7 @@ function detectRepoName() {
   return repo;
 }
 function getCurrentBranch() {
-  const branch = execSync("git rev-parse --abbrev-ref HEAD", { encoding: "utf-8" }).trim();
+  const branch = execFileSync(GIT_BINARY, ["rev-parse", "--abbrev-ref", "HEAD"], { encoding: "utf-8", stdio: ["ignore", "pipe", "ignore"] }).trim();
   if (branch === "HEAD") {
     throw new Error("Not on a named branch. Check out a named branch and try again.");
   }
@@ -886,7 +1043,7 @@ function formatResolutionError() {
   return [
     "Could not resolve an Azure DevOps organization. Options (in priority order):",
     "  1. Pass --org <name> on the command line.",
-    "  2. Run this command from a git repo whose origin remote is an Azure DevOps URL.",
+    "  2. Run this command from a git repo that has an Azure DevOps remote.",
     "  3. Run `azdo config set org <name>` once to set a persistent default."
   ].join("\n");
 }
@@ -899,9 +1056,9 @@ function resolveContext(options) {
     gitContext = detectAzdoContext();
   } catch {
   }
-  const config = loadConfig();
   const org = resolvedOrg?.org;
-  const project = options.project || (gitContext?.project && gitContext.project.length > 0 ? gitContext.project : void 0) || config.project;
+  const scopedCfg = resolveScopedConfig(org);
+  const project = options.project || (gitContext?.project && gitContext.project.length > 0 ? gitContext.project : void 0) || scopedCfg.project;
   if (org && project) {
     return { org, project };
   }
@@ -1354,9 +1511,10 @@ function createGetItemCommand() {
       try {
         context = resolveContext(options);
         const credential = await requireAuthCredential(context.org);
-        const fieldsList = options.fields === void 0 ? parseRequestedFields(loadConfig().fields) : parseRequestedFields(options.fields);
+        const scopedCfg = resolveScopedConfig(context.org);
+        const fieldsList = options.fields === void 0 ? parseRequestedFields(scopedCfg.fields) : parseRequestedFields(options.fields);
         const workItem = await getWorkItem(context, id, credential, fieldsList);
-        const markdownEnabled = options.markdown ?? loadConfig().markdown ?? false;
+        const markdownEnabled = options.markdown ?? scopedCfg.markdown ?? false;
         const output = formatWorkItem(workItem, options.short ?? false, markdownEnabled);
         process.stdout.write(output + "\n");
         if (imageOptions.enabled) {
@@ -1836,18 +1994,47 @@ function formatConfigValue(value, unsetFallback = "") {
   }
   return Array.isArray(value) ? value.join(",") : value;
 }
+function buildConfigListEntries(cfg) {
+  const entries = SETTINGS.map((s) => ({
+    scope: "default",
+    key: s.key,
+    value: cfg[s.key]
+  }));
+  for (const [orgName, scope] of Object.entries(cfg.organizations ?? {})) {
+    for (const [k, v] of Object.entries(scope)) {
+      entries.push({ scope: orgName, key: k, value: v });
+    }
+  }
+  return entries;
+}
 function writeConfigList(cfg) {
   const keyWidth = 10;
   const valueWidth = 30;
+  const scopeWidth = 12;
+  process.stdout.write(
+    `${"scope".padEnd(scopeWidth)}${"key".padEnd(keyWidth)}${"value".padEnd(valueWidth)}description
+`
+  );
   for (const setting of SETTINGS) {
     const raw = cfg[setting.key];
     const value = formatConfigValue(raw, "(not set)");
     const marker = raw === void 0 && setting.required ? " *" : "";
     process.stdout.write(
-      `${setting.key.padEnd(keyWidth)}${String(value).padEnd(valueWidth)}${setting.description}${marker}
+      `${"default".padEnd(scopeWidth)}${setting.key.padEnd(keyWidth)}${String(value).padEnd(valueWidth)}${setting.description}${marker}
 `
     );
   }
+  for (const [orgName, scope] of Object.entries(cfg.organizations ?? {})) {
+    const orgScope = scope;
+    const scopedSettings = Object.entries(orgScope);
+    for (const [k, v] of scopedSettings) {
+      const value = formatConfigValue(v, "(not set)");
+      process.stdout.write(
+        `${orgName.padEnd(scopeWidth)}${k.padEnd(keyWidth)}${String(value).padEnd(valueWidth)}
+`
+      );
+    }
+  }
   const hasUnset = SETTINGS.some((s) => s.required && cfg[s.key] === void 0);
   if (hasUnset) {
     process.stdout.write(
@@ -1891,17 +2078,22 @@ function createConfigCommand() {
   const config = new Command4("config");
   config.description("Manage CLI settings");
   const set = new Command4("set");
-  set.description("Set a configuration value").argument("<key>", "setting key (org, project, fields)").argument("<value>", "setting value").option("--json", "output in JSON format").action((key, value, options) => {
+  set.description("Set a configuration value").argument("<key>", "setting key (org, project, fields, markdown)").argument("<value>", "setting value").option("--org <org>", "set value in an org-scoped configuration").option("--json", "output in JSON format").action((key, value, options) => {
     try {
-      setConfigValue(key, value);
+      if (options.org) {
+        setOrgScopedValue(options.org, key, value);
+      } else {
+        setConfigValue(key, value);
+      }
       if (options.json) {
-        const output = { key, value };
+        const output = { key, value, scope: options.org ?? "default" };
         if (key === "fields") {
           output.value = value.split(",").map((s) => s.trim());
         }
         process.stdout.write(JSON.stringify(output) + "\n");
       } else {
-        process.stdout.write(`Set "${key}" to "${value}"
+        const scopeTag = options.org ? ` (org: ${options.org})` : "";
+        process.stdout.write(`Set "${key}" to "${value}"${scopeTag}
 `);
       }
     } catch (err) {
@@ -1912,12 +2104,12 @@ function createConfigCommand() {
     }
   });
   const get = new Command4("get");
-  get.description("Get a configuration value").argument("<key>", "setting key (org, project, fields)").option("--json", "output in JSON format").action((key, options) => {
+  get.description("Get a configuration value").argument("<key>", "setting key (org, project, fields, markdown)").option("--org <org>", "read from an org-scoped configuration").option("--json", "output in JSON format").action((key, options) => {
     try {
-      const value = getConfigValue(key);
+      const value = options.org ? getOrgScopedValue(options.org, key) : getConfigValue(key);
       if (options.json) {
         process.stdout.write(
-          JSON.stringify({ key, value: value ?? null }) + "\n"
+          JSON.stringify({ key, value: value ?? null, scope: options.org ?? "default" }) + "\n"
         );
       } else if (value === void 0) {
         process.stdout.write(`Setting "${key}" is not configured.
@@ -1925,7 +2117,7 @@ function createConfigCommand() {
       } else if (Array.isArray(value)) {
         process.stdout.write(value.join(",") + "\n");
       } else {
-        process.stdout.write(value + "\n");
+        process.stdout.write(String(value) + "\n");
       }
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
@@ -1938,19 +2130,25 @@ function createConfigCommand() {
   list.description("List all configuration values").option("--json", "output in JSON format").action((options) => {
     const cfg = loadConfig();
     if (options.json) {
-      process.stdout.write(JSON.stringify(cfg) + "\n");
+      const entries = buildConfigListEntries(cfg);
+      process.stdout.write(JSON.stringify(entries) + "\n");
       return;
     }
     writeConfigList(cfg);
   });
   const unset = new Command4("unset");
-  unset.description("Remove a configuration value").argument("<key>", "setting key (org, project, fields)").option("--json", "output in JSON format").action((key, options) => {
+  unset.description("Remove a configuration value").argument("<key>", "setting key (org, project, fields, markdown)").option("--org <org>", "remove from an org-scoped configuration").option("--json", "output in JSON format").action((key, options) => {
     try {
-      unsetConfigValue(key);
+      if (options.org) {
+        unsetOrgScopedValue(options.org, key);
+      } else {
+        unsetConfigValue(key);
+      }
       if (options.json) {
-        process.stdout.write(JSON.stringify({ key, unset: true }) + "\n");
+        process.stdout.write(JSON.stringify({ key, unset: true, scope: options.org ?? "default" }) + "\n");
       } else {
-        process.stdout.write(`Unset "${key}"
+        const scopeTag = options.org ? ` (org: ${options.org})` : "";
+        process.stdout.write(`Unset "${key}"${scopeTag}
 `);
       }
     } catch (err) {
@@ -1982,10 +2180,52 @@ function createConfigCommand() {
     rl.close();
     process.stderr.write("Configuration complete!\n");
   });
+  const orgCopy = new Command4("org-copy");
+  orgCopy.description('Copy settings from one scope to another (use "default" as source to copy top-level settings)').argument("<from>", 'source scope name or "default"').argument("<to>", "destination org name").option("--force", "overwrite existing values on collision").action((from, to, options) => {
+    try {
+      copyOrgScope(from, to, options.force ?? false);
+      process.stdout.write(`Copied scope "${from}" to "${to}"
+`);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      process.stderr.write(`Error: ${message}
+`);
+      process.exit(1);
+    }
+  });
+  const orgMove = new Command4("org-move");
+  orgMove.description("Move settings from one org scope to another").argument("<from>", "source org name").argument("<to>", "destination org name").option("--force", "overwrite existing values on collision").action((from, to, options) => {
+    try {
+      moveOrgScope(from, to, options.force ?? false);
+      process.stdout.write(`Moved scope "${from}" to "${to}"
+`);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      process.stderr.write(`Error: ${message}
+`);
+      process.exit(1);
+    }
+  });
+  const orgDelete = new Command4("org-delete");
+  orgDelete.description("Delete an org-scoped configuration").argument("<name>", "org name").action((name) => {
+    try {
+      deleteOrgScope(name);
+      process.stdout.write(`Deleted scope "${name}"
+`);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      process.stderr.write(`Error: ${message}
+`);
+      process.exit(1);
+    }
+  });
   config.addCommand(set);
   config.addCommand(get);
   config.addCommand(list);
   config.addCommand(unset);
+  config.addCommand(orgCopy);
+  config.addCommand(orgMove);
+  config.addCommand(orgDelete);
   config.addCommand(wizard);
   return config;
 }
@@ -2667,6 +2907,16 @@ function buildPolicyEvaluationsUrl(context, projectId, prId) {
   url.searchParams.set("artifactId", `vstfs:///CodeReview/CodeReviewId/${projectId}/${prId}`);
   return url;
 }
+function buildPullRequestBuildsUrl(context, prId) {
+  const url = new URL(
+    `https://dev.azure.com/${encodeURIComponent(context.org)}/${encodeURIComponent(context.project)}/_apis/build/builds`
+  );
+  url.searchParams.set("branchName", `refs/pull/${prId}/merge`);
+  url.searchParams.set("queryOrder", "queueTimeDescending");
+  url.searchParams.set("$top", "50");
+  url.searchParams.set("api-version", "7.1");
+  return url;
+}
 function mapPullRequest(repo, pullRequest) {
   return {
     id: pullRequest.pullRequestId,
@@ -2726,6 +2976,22 @@ function mapPolicyEvaluationState(status2) {
       return status2;
   }
 }
+function mapBuildToCheckState(build) {
+  if (build.status !== "completed") {
+    return "pending";
+  }
+  switch (build.result) {
+    case "succeeded":
+    case "partiallySucceeded":
+      return "succeeded";
+    case "failed":
+      return "failed";
+    case "canceled":
+      return "error";
+    default:
+      return "pending";
+  }
+}
 function mapPolicyEvaluationName(evaluation) {
   const display = evaluation.configuration?.settings?.displayName?.trim() || evaluation.configuration?.type?.displayName?.trim();
   if (display) {
@@ -2747,7 +3013,8 @@ function mapPolicyEvaluationCheck(evaluation) {
     createdBy: null,
     createdAt: null,
     updatedAt: null,
-    source: "policy"
+    source: "policy",
+    isBlocking: evaluation.configuration?.isBlocking ?? null
   };
 }
 function mapComment(comment) {
@@ -2769,7 +3036,7 @@ function mapThread(thread) {
   }
   return {
     id: thread.id,
-    status: thread.status,
+    status: thread.status ?? "unknown",
     threadContext: thread.threadContext?.filePath ?? null,
     comments
   };
@@ -2777,7 +3044,7 @@ function mapThread(thread) {
 function toActiveCommentThread(thread) {
   return {
     id: thread.id,
-    status: thread.status,
+    status: thread.status ?? "unknown",
     threadContext: thread.threadContext?.filePath ?? null,
     comments: thread.comments.map(mapComment).filter((comment) => comment !== null)
   };
@@ -2848,6 +3115,24 @@ async function getPullRequestPolicyEvaluations(context, cred, projectId, prId) {
   const data = await readJsonResponse(response);
   return data.value.map(mapPolicyEvaluationCheck).filter((check) => check !== null);
 }
+async function getPullRequestBuilds(context, cred, prId) {
+  const response = await fetchWithErrors(buildPullRequestBuildsUrl(context, prId).toString(), {
+    headers: authHeaders(cred)
+  });
+  const data = await readJsonResponse(response);
+  return data.value.map((build) => ({
+    id: build.id,
+    state: mapBuildToCheckState(build),
+    name: build.definition?.name ?? `Build #${build.id}`,
+    description: null,
+    targetUrl: build._links?.web?.href ?? null,
+    createdBy: null,
+    createdAt: build.queueTime ?? null,
+    updatedAt: build.finishTime ?? null,
+    source: "build",
+    isBlocking: null
+  }));
+}
 async function openPullRequest(context, repo, cred, sourceBranch, title, description) {
   const existing = await listPullRequests(context, repo, cred, sourceBranch, {
     status: "active",
@@ -2965,7 +3250,8 @@ function formatPullRequestChecks(checks, checksError) {
   }
   const lines = ["Checks:"];
   for (const check of checks) {
-    lines.push(`- [${check.state}] ${check.name}`);
+    const optionalTag = check.isBlocking === false ? " [optional]" : "";
+    lines.push(`- [${check.state}] ${check.name}${optionalTag}`);
     if ((check.state === "failed" || check.state === "error") && check.description) {
       lines.push(`  Detail: ${check.description}`);
     }
@@ -3018,6 +3304,13 @@ async function buildPullRequestStatusEntry(context, repo, cred, pullRequest, pro
       policyOk = false;
     }
   }
+  let buildChecks = [];
+  let buildsOk = true;
+  try {
+    buildChecks = await getPullRequestBuilds(context, cred, pullRequest.id);
+  } catch {
+    buildsOk = false;
+  }
   let codeCommentCounts;
   try {
     const threads = await getPullRequestThreads(context, repo, cred, pullRequest.id);
@@ -3025,8 +3318,8 @@ async function buildPullRequestStatusEntry(context, repo, cred, pullRequest, pro
   } catch {
     codeCommentCounts = { open: 0, closed: 0 };
   }
-  const checks = [...statusChecks, ...policyChecks];
-  const checksError = checks.length === 0 && (!statusOk || !policyOk) ? "Azure DevOps request failed" : null;
+  const checks = [...statusChecks, ...policyChecks, ...buildChecks];
+  const checksError = checks.length === 0 && (!statusOk || !policyOk || !buildsOk) ? "Azure DevOps request failed" : null;
   return {
     ...pullRequest,
     checks,
@@ -4411,18 +4704,18 @@ function createDownloadAttachmentCommand() {
 }
 
 // src/services/update-check.ts
-import fs from "fs";
-import path from "path";
+import fs2 from "fs";
+import path2 from "path";
 import os from "os";
 var THROTTLE_MS = 10 * 60 * 1e3;
 var FETCH_TIMEOUT_MS = 1500;
 var REGISTRY_URL = "https://registry.npmjs.org/azdo-cli/latest";
 function getCachePath() {
-  return path.join(os.homedir(), ".azdo", "update-check.json");
+  return path2.join(os.homedir(), ".azdo", "update-check.json");
 }
 function defaultReadCache() {
   try {
-    return fs.readFileSync(getCachePath(), "utf-8");
+    return fs2.readFileSync(getCachePath(), "utf-8");
   } catch {
     return null;
   }
@@ -4430,8 +4723,8 @@ function defaultReadCache() {
 function defaultWriteCache(data) {
   try {
     const cachePath = getCachePath();
-    fs.mkdirSync(path.dirname(cachePath), { recursive: true });
-    fs.writeFileSync(cachePath, data);
+    fs2.mkdirSync(path2.dirname(cachePath), { recursive: true });
+    fs2.writeFileSync(cachePath, data);
   } catch {
   }
 }

package/dist/{oauth-token-refresh-PHW66RC4.js → oauth-token-refresh-7FQ4VAIS.js}

@@ -5,7 +5,7 @@ import {
   lockPath,
   locksDir,
   refreshIfNeeded
-} from "./chunk-C7RAZJHV.js";
+} from "./chunk-XVXMDWQE.js";
 export {
   _resetInFlight,
   classifyRefreshFailure,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "azdo-cli",
-  "version": "0.10.0-develop.423",
+  "version": "0.10.0-develop.479",
   "description": "Azure DevOps CLI tool",
   "type": "module",
   "bin": {