gh-setup-git-identity 0.2.0

package/scripts/publish-to-npm.mjs

@@ -0,0 +1,122 @@
+#!/usr/bin/env node
+
+/**
+ * Publish to npm using OIDC trusted publishing
+ * Usage: node scripts/publish-to-npm.mjs [--should-pull]
+ *   should_pull: Optional flag to pull latest changes before publishing (for release job)
+ *
+ * Uses link-foundation libraries:
+ * - use-m: Dynamic package loading without package.json dependencies
+ * - command-stream: Modern shell command execution with streaming support
+ * - lino-arguments: Unified configuration from CLI args, env vars, and .lenv files
+ */
+
+import { readFileSync, appendFileSync } from 'fs';
+
+// Load use-m dynamically
+const { use } = eval(
+  await (await fetch('https://unpkg.com/use-m/use.js')).text()
+);
+
+// Import link-foundation libraries
+const { $ } = await use('command-stream');
+const { makeConfig } = await use('lino-arguments');
+
+// Parse CLI arguments using lino-arguments
+const config = makeConfig({
+  yargs: ({ yargs, getenv }) =>
+    yargs.option('should-pull', {
+      type: 'boolean',
+      default: getenv('SHOULD_PULL', false),
+      describe: 'Pull latest changes before publishing',
+    }),
+});
+
+const { shouldPull } = config;
+const MAX_RETRIES = 3;
+const RETRY_DELAY = 10000; // 10 seconds
+
+/**
+ * Sleep for specified milliseconds
+ * @param {number} ms
+ */
+function sleep(ms) {
+  return new Promise((resolve) => globalThis.setTimeout(resolve, ms));
+}
+
+/**
+ * Append to GitHub Actions output file
+ * @param {string} key
+ * @param {string} value
+ */
+function setOutput(key, value) {
+  const outputFile = process.env.GITHUB_OUTPUT;
+  if (outputFile) {
+    appendFileSync(outputFile, `${key}=${value}\n`);
+  }
+}
+
+async function main() {
+  try {
+    if (shouldPull) {
+      // Pull the latest changes we just pushed
+      await $`git pull origin main`;
+    }
+
+    // Get current version
+    const packageJson = JSON.parse(readFileSync('./package.json', 'utf8'));
+    const currentVersion = packageJson.version;
+    console.log(`Current version to publish: ${currentVersion}`);
+
+    // Check if this version is already published on npm
+    console.log(
+      `Checking if version ${currentVersion} is already published...`
+    );
+    const checkResult =
+      await $`npm view "gh-setup-git-identity@${currentVersion}" version`.run({
+        capture: true,
+      });
+
+    // command-stream returns { code: 0 } on success, { code: 1 } on failure (e.g., E404)
+    // Exit code 0 means version exists, non-zero means version not found
+    if (checkResult.code === 0) {
+      console.log(`Version ${currentVersion} is already published to npm`);
+      setOutput('published', 'true');
+      setOutput('published_version', currentVersion);
+      setOutput('already_published', 'true');
+      return;
+    } else {
+      // Version not found on npm (E404), proceed with publish
+      console.log(
+        `Version ${currentVersion} not found on npm, proceeding with publish...`
+      );
+    }
+
+    // Publish to npm using OIDC trusted publishing with retry logic
+    for (let i = 1; i <= MAX_RETRIES; i++) {
+      console.log(`Publish attempt ${i} of ${MAX_RETRIES}...`);
+      try {
+        await $`npm run changeset:publish`;
+        setOutput('published', 'true');
+        setOutput('published_version', currentVersion);
+        console.log(`Published gh-setup-git-identity@${currentVersion} to npm`);
+        return;
+      } catch (_error) {
+        if (i < MAX_RETRIES) {
+          console.log(
+            `Publish failed, waiting ${RETRY_DELAY / 1000}s before retry...`
+          );
+          await sleep(RETRY_DELAY);
+        }
+      }
+    }
+
+    console.error(`Failed to publish after ${MAX_RETRIES} attempts`);
+    process.exit(1);
+  } catch (error) {
+    console.error('Error:', error.message);
+    process.exit(1);
+  }
+}
+
+main();

package/scripts/setup-npm.mjs

@@ -0,0 +1,37 @@
+#!/usr/bin/env node
+
+/**
+ * Update npm for OIDC trusted publishing
+ * npm trusted publishing requires npm >= 11.5.1
+ * Node.js 20.x ships with npm 10.x, so we need to update
+ *
+ * Uses link-foundation libraries:
+ * - use-m: Dynamic package loading without package.json dependencies
+ * - command-stream: Modern shell command execution with streaming support
+ */
+
+// Load use-m dynamically
+const { use } = eval(
+  await (await fetch('https://unpkg.com/use-m/use.js')).text()
+);
+
+// Import command-stream for shell command execution
+const { $ } = await use('command-stream');
+
+try {
+  // Get current npm version
+  const currentResult = await $`npm --version`.run({ capture: true });
+  const currentVersion = currentResult.stdout.trim();
+  console.log(`Current npm version: ${currentVersion}`);
+
+  // Update npm to latest
+  await $`npm install -g npm@latest`;
+
+  // Get updated npm version
+  const updatedResult = await $`npm --version`.run({ capture: true });
+  const updatedVersion = updatedResult.stdout.trim();
+  console.log(`Updated npm version: ${updatedVersion}`);
+} catch (error) {
+  console.error('Error updating npm:', error.message);
+  process.exit(1);
+}

package/scripts/validate-changeset.mjs

@@ -0,0 +1,99 @@
+#!/usr/bin/env node
+
+/**
+ * Validate changeset for CI - ensures exactly one valid changeset exists
+ */
+
+import { readdirSync, readFileSync } from 'fs';
+import { join } from 'path';
+
+try {
+  // Count changeset files (excluding README.md and config.json)
+  const changesetDir = '.changeset';
+  const changesetFiles = readdirSync(changesetDir).filter(
+    (file) => file.endsWith('.md') && file !== 'README.md'
+  );
+
+  const changesetCount = changesetFiles.length;
+  console.log(`Found ${changesetCount} changeset file(s)`);
+
+  // Ensure exactly one changeset file exists
+  if (changesetCount === 0) {
+    console.error(
+      "::error::No changeset found. Please add a changeset by running 'npm run changeset' and commit the result."
+    );
+    process.exit(1);
+  } else if (changesetCount > 1) {
+    console.error(
+      `::error::Multiple changesets found (${changesetCount}). Each PR should have exactly ONE changeset.`
+    );
+    console.error('::error::Found changeset files:');
+    changesetFiles.forEach((file) => console.error(`  ${file}`));
+    process.exit(1);
+  }
+
+  // Get the changeset file
+  const changesetFile = join(changesetDir, changesetFiles[0]);
+  console.log(`Validating changeset: ${changesetFile}`);
+
+  // Read the changeset file
+  const content = readFileSync(changesetFile, 'utf-8');
+
+  // Check if changeset has a valid type (major, minor, or patch)
+  const versionTypeRegex = /^['"]gh-setup-git-identity['"]:\s+(major|minor|patch)/m;
+  if (!versionTypeRegex.test(content)) {
+    console.error(
+      '::error::Changeset must specify a version type: major, minor, or patch'
+    );
+    console.error(`::error::Expected format in ${changesetFile}:`);
+    console.error('::error::---');
+    console.error("::error::'gh-setup-git-identity': patch");
+    console.error('::error::---');
+    console.error('::error::');
+    console.error('::error::Your description here');
+    console.error('\nFile content:');
+    console.error(content);
+    process.exit(1);
+  }
+
+  // Extract description (everything after the closing ---) and check it's not empty
+  const parts = content.split('---');
+  if (parts.length < 3) {
+    console.error(
+      '::error::Changeset must include a description of the changes'
+    );
+    console.error(
+      "::error::The description should appear after the closing '---' in the changeset file"
+    );
+    console.error(`::error::Current content of ${changesetFile}:`);
+    console.error(content);
+    process.exit(1);
+  }
+
+  const description = parts.slice(2).join('---').trim();
+  if (!description) {
+    console.error(
+      '::error::Changeset must include a description of the changes'
+    );
+    console.error(
+      "::error::The description should appear after the closing '---' in the changeset file"
+    );
+    console.error(`::error::Current content of ${changesetFile}:`);
+    console.error(content);
+    process.exit(1);
+  }
+
+  // Extract version type
+  const versionTypeMatch = content.match(versionTypeRegex);
+  const versionType = versionTypeMatch ? versionTypeMatch[1] : 'unknown';
+
+  console.log('Changeset validation passed');
+  console.log(`   Type: ${versionType}`);
+  console.log(`   Description: ${description}`);
+} catch (error) {
+  console.error('Error during changeset validation:', error.message);
+  if (process.env.DEBUG) {
+    console.error('Stack trace:', error.stack);
+  }
+  process.exit(1);
+}

package/scripts/version-and-commit.mjs

@@ -0,0 +1,237 @@
+#!/usr/bin/env node
+
+/**
+ * Version packages and commit to main
+ * Usage: node scripts/version-and-commit.mjs --mode <changeset|instant> [--bump-type <type>] [--description <desc>]
+ *   changeset: Run changeset version
+ *   instant: Run instant version bump with bump_type (patch|minor|major) and optional description
+ *
+ * Uses link-foundation libraries:
+ * - use-m: Dynamic package loading without package.json dependencies
+ * - command-stream: Modern shell command execution with streaming support
+ * - lino-arguments: Unified configuration from CLI args, env vars, and .lenv files
+ */
+
+import { readFileSync, appendFileSync, readdirSync } from 'fs';
+
+// Load use-m dynamically
+const { use } = eval(
+  await (await fetch('https://unpkg.com/use-m/use.js')).text()
+);
+
+// Import link-foundation libraries
+const { $ } = await use('command-stream');
+const { makeConfig } = await use('lino-arguments');
+
+// Parse CLI arguments using lino-arguments
+const config = makeConfig({
+  yargs: ({ yargs, getenv }) =>
+    yargs
+      .option('mode', {
+        type: 'string',
+        default: getenv('MODE', 'changeset'),
+        describe: 'Version mode: changeset or instant',
+        choices: ['changeset', 'instant'],
+      })
+      .option('bump-type', {
+        type: 'string',
+        default: getenv('BUMP_TYPE', ''),
+        describe: 'Version bump type for instant mode: major, minor, or patch',
+      })
+      .option('description', {
+        type: 'string',
+        default: getenv('DESCRIPTION', ''),
+        describe: 'Description for instant version bump',
+      }),
+});
+
+const { mode, bumpType, description } = config;
+
+// Debug: Log parsed configuration
+console.log('Parsed configuration:', {
+  mode,
+  bumpType,
+  description: description || '(none)',
+});
+
+// Detect if positional arguments were used (common mistake)
+const args = process.argv.slice(2);
+if (args.length > 0 && !args[0].startsWith('--')) {
+  console.error('Error: Positional arguments detected!');
+  console.error('Command line arguments:', args);
+  console.error('');
+  console.error(
+    'This script requires named arguments (--mode, --bump-type, --description).'
+  );
+  console.error('Usage:');
+  console.error('  Changeset mode:');
+  console.error('    node scripts/version-and-commit.mjs --mode changeset');
+  console.error('  Instant mode:');
+  console.error(
+    '    node scripts/version-and-commit.mjs --mode instant --bump-type <major|minor|patch> [--description <desc>]'
+  );
+  console.error('');
+  console.error('Examples:');
+  console.error(
+    '  node scripts/version-and-commit.mjs --mode instant --bump-type patch --description "Fix bug"'
+  );
+  console.error('  node scripts/version-and-commit.mjs --mode changeset');
+  process.exit(1);
+}
+
+// Validation: Ensure mode is set correctly
+if (mode !== 'changeset' && mode !== 'instant') {
+  console.error(`Invalid mode: "${mode}". Expected "changeset" or "instant".`);
+  console.error('Command line arguments:', process.argv.slice(2));
+  process.exit(1);
+}
+
+// Validation: Ensure bump type is provided for instant mode
+if (mode === 'instant' && !bumpType) {
+  console.error('Error: --bump-type is required for instant mode');
+  console.error(
+    'Usage: node scripts/version-and-commit.mjs --mode instant --bump-type <major|minor|patch> [--description <desc>]'
+  );
+  process.exit(1);
+}
+
+/**
+ * Append to GitHub Actions output file
+ * @param {string} key
+ * @param {string} value
+ */
+function setOutput(key, value) {
+  const outputFile = process.env.GITHUB_OUTPUT;
+  if (outputFile) {
+    appendFileSync(outputFile, `${key}=${value}\n`);
+  }
+}
+
+/**
+ * Count changeset files (excluding README.md)
+ */
+function countChangesets() {
+  try {
+    const changesetDir = '.changeset';
+    const files = readdirSync(changesetDir);
+    return files.filter((f) => f.endsWith('.md') && f !== 'README.md').length;
+  } catch {
+    return 0;
+  }
+}
+
+/**
+ * Get package version
+ * @param {string} source - 'local' or 'remote'
+ */
+async function getVersion(source = 'local') {
+  if (source === 'remote') {
+    const result = await $`git show origin/main:package.json`.run({
+      capture: true,
+    });
+    return JSON.parse(result.stdout).version;
+  }
+  return JSON.parse(readFileSync('./package.json', 'utf8')).version;
+}
+
+async function main() {
+  try {
+    // Configure git
+    await $`git config user.name "github-actions[bot]"`;
+    await $`git config user.email "github-actions[bot]@users.noreply.github.com"`;
+
+    // Check if remote main has advanced (handles re-runs after partial success)
+    console.log('Checking for remote changes...');
+    await $`git fetch origin main`;
+
+    const localHeadResult = await $`git rev-parse HEAD`.run({ capture: true });
+    const localHead = localHeadResult.stdout.trim();
+
+    const remoteHeadResult = await $`git rev-parse origin/main`.run({
+      capture: true,
+    });
+    const remoteHead = remoteHeadResult.stdout.trim();
+
+    if (localHead !== remoteHead) {
+      console.log(
+        `Remote main has advanced (local: ${localHead}, remote: ${remoteHead})`
+      );
+      console.log('This may indicate a previous attempt partially succeeded.');
+
+      // Check if the remote version is already the expected bump
+      const remoteVersion = await getVersion('remote');
+      console.log(`Remote version: ${remoteVersion}`);
+
+      // Check if there are changesets to process
+      const changesetCount = countChangesets();
+
+      if (changesetCount === 0) {
+        console.log('No changesets to process and remote has advanced.');
+        console.log(
+          'Assuming version bump was already completed in a previous attempt.'
+        );
+        setOutput('version_committed', 'false');
+        setOutput('already_released', 'true');
+        setOutput('new_version', remoteVersion);
+        return;
+      } else {
+        console.log('Rebasing on remote main to incorporate changes...');
+        await $`git rebase origin/main`;
+      }
+    }
+
+    // Get current version before bump
+    const oldVersion = await getVersion();
+    console.log(`Current version: ${oldVersion}`);
+
+    if (mode === 'instant') {
+      console.log('Running instant version bump...');
+      // Run instant version bump script
+      // Rely on command-stream's auto-quoting for proper argument handling
+      if (description) {
+        await $`node scripts/instant-version-bump.mjs --bump-type ${bumpType} --description ${description}`;
+      } else {
+        await $`node scripts/instant-version-bump.mjs --bump-type ${bumpType}`;
+      }
+    } else {
+      console.log('Running changeset version...');
+      // Run changeset version to bump versions and update CHANGELOG
+      await $`npm run changeset:version`;
+    }
+
+    // Get new version after bump
+    const newVersion = await getVersion();
+    console.log(`New version: ${newVersion}`);
+    setOutput('new_version', newVersion);
+
+    // Check if there are changes to commit
+    const statusResult = await $`git status --porcelain`.run({ capture: true });
+    const status = statusResult.stdout.trim();
+
+    if (status) {
+      console.log('Changes detected, committing...');
+
+      // Stage all changes (package.json, package-lock.json, CHANGELOG.md, deleted changesets)
+      await $`git add -A`;
+
+      // Commit with version number as message
+      const commitMessage = newVersion;
+      const escapedMessage = commitMessage.replace(/"/g, '\\"');
+      await $`git commit -m "${escapedMessage}"`;
+
+      // Push directly to main
+      await $`git push origin main`;
+
+      console.log('Version bump committed and pushed to main');
+      setOutput('version_committed', 'true');
+    } else {
+      console.log('No changes to commit');
+      setOutput('version_committed', 'false');
+    }
+  } catch (error) {
+    console.error('Error:', error.message);
+    process.exit(1);
+  }
+}
+
+main();

package/src/cli.js

@@ -0,0 +1,130 @@
+#!/usr/bin/env node
+
+/**
+ * gh-setup-git-identity CLI
+ *
+ * Command-line interface for setting up git identity based on GitHub user
+ */
+
+import { makeConfig } from 'lino-arguments';
+import { setupGitIdentity, isGhAuthenticated } from './index.js';
+
+// Parse command-line arguments with environment variable and .lenv support
+const config = makeConfig({
+  yargs: ({ yargs, getenv }) =>
+    yargs
+      .usage('Usage: $0 [options]')
+      .option('global', {
+        alias: 'g',
+        type: 'boolean',
+        description: 'Set git config globally (default)',
+        default: false
+      })
+      .option('local', {
+        alias: 'l',
+        type: 'boolean',
+        description: 'Set git config locally (in current repository)',
+        default: getenv('GH_SETUP_GIT_IDENTITY_LOCAL', false)
+      })
+      .option('verbose', {
+        alias: 'v',
+        type: 'boolean',
+        description: 'Enable verbose output',
+        default: getenv('GH_SETUP_GIT_IDENTITY_VERBOSE', false)
+      })
+      .option('dry-run', {
+        alias: 'dry',
+        type: 'boolean',
+        description: 'Dry run mode - show what would be done without making changes',
+        default: getenv('GH_SETUP_GIT_IDENTITY_DRY_RUN', false)
+      })
+      .check((argv) => {
+        // --global and --local are mutually exclusive
+        if (argv.global && argv.local) {
+          throw new Error('Arguments global and local are mutually exclusive');
+        }
+        return true;
+      })
+      .example('$0', 'Setup git identity globally using GitHub user')
+      .example('$0 --local', 'Setup git identity for current repository only')
+      .example('$0 --dry-run', 'Show what would be configured without making changes')
+      .help('h')
+      .alias('h', 'help')
+      .version('0.1.0')
+      .strict(),
+});
+
+/**
+ * Main CLI function
+ */
+async function main() {
+  try {
+    // Determine scope
+    const scope = config.local ? 'local' : 'global';
+
+    // Check if gh is authenticated
+    const authenticated = await isGhAuthenticated({ verbose: config.verbose });
+
+    if (!authenticated) {
+      console.log('');
+      console.log('GitHub CLI is not authenticated.');
+      console.log('');
+      console.log('Please run the following command to login:');
+      console.log('');
+      console.log('  gh auth login -h github.com -s repo,workflow,user,read:org,gist');
+      console.log('');
+      console.log('After logging in, run gh-setup-git-identity again.');
+      process.exit(1);
+    }
+
+    // Prepare options
+    const options = {
+      scope,
+      dryRun: config.dryRun,
+      verbose: config.verbose
+    };
+
+    if (options.verbose) {
+      console.log('Options:', options);
+      console.log('');
+    }
+
+    if (options.dryRun) {
+      console.log('DRY MODE - No actual changes will be made');
+      console.log('');
+    }
+
+    // Setup git identity
+    const result = await setupGitIdentity(options);
+
+    // Display results
+    console.log('');
+    console.log(`${options.dryRun ? '[DRY MODE] Would configure' : 'Git configured'}:`);
+    console.log('');
+    console.log(`  user.name:  ${result.username}`);
+    console.log(`  user.email: ${result.email}`);
+    console.log('');
+    console.log(`Scope: ${scope === 'global' ? 'global (--global)' : 'local (--local)'}`);
+    console.log('');
+
+    if (!options.dryRun) {
+      console.log('Git identity setup complete!');
+    }
+
+    process.exit(0);
+  } catch (error) {
+    console.error('');
+    console.error('Error:', error.message);
+
+    if (config.verbose) {
+      console.error('');
+      console.error('Stack trace:');
+      console.error(error.stack);
+    }
+
+    process.exit(1);
+  }
+}
+
+// Run the CLI
+main();