gitutil

func FetchHeadAge ¶

func FetchHeadAge(repoPath string) (time.Duration, bool)

FetchHeadAge returns how long ago FETCH_HEAD was last modified. Returns (0, false) if FETCH_HEAD doesn't exist or can't be read.

func HasLockFiles ¶

func HasLockFiles(gitDir string) []string

HasLockFiles checks .git/ for stale lock files that block git operations. Returns the names of lock files found (empty slice = safe to proceed).

func HasMissingLFSObjects ¶ added in v0.5.0

func HasMissingLFSObjects(ctx context.Context, repoPath string) bool

HasMissingLFSObjects returns true if the repo has LFS-tracked files whose backing objects are missing locally.

func IsLFSPushError ¶ added in v0.5.0

func IsLFSPushError(output string) bool

IsLFSPushError returns true if the error output indicates a push failure caused by missing LFS objects (either local pre-push hook or server-side).

func IsRebaseInProgress ¶

func IsRebaseInProgress(repoPath string) bool

IsRebaseInProgress checks whether the repo is stuck in a broken rebase state. Returns true if .git/rebase-merge or .git/rebase-apply exists.

func IsSafeForGitOps ¶

func IsSafeForGitOps(repoPath string) error

IsSafeForGitOps combines lock file and rebase state checks into a single pre-flight check. Returns nil if safe to proceed, or an error describing why the repo is blocked.

func RepairMissingLFSObjects ¶ added in v0.5.0

func RepairMissingLFSObjects(ctx context.Context, repoPath string) (int, error)

RepairMissingLFSObjects detects LFS pointer files whose backing objects are missing locally (lost during GC reclone, interrupted push, etc.) and replaces them with empty content so future pushes aren't blocked by the remote's pre-receive hook rejecting missing LFS objects.

The repair:

1. Detects missing LFS objects via `git lfs ls-files`
2. Replaces each orphaned pointer with empty content
3. Commits the fix
4. Sets lfs.allowincompletepush=true so the local pre-push hook doesn't block (the server may still reject — caller should retry with force push if needed)

Returns the number of repaired files and any error. Safe to call on repos without LFS — returns (0, nil) immediately.

func ResolveRebaseAcceptTheirs ¶ added in v0.5.0

func ResolveRebaseAcceptTheirs(ctx context.Context, repoPath string, safePrefixes []string) error

ResolveRebaseAcceptTheirs attempts to resolve a rebase conflict by accepting the remote ("theirs") version of all conflicted files, but ONLY if every conflicted file is under one of the given safe prefixes.

This is safe for data directories (like data/github/) where the content is derived from an external source and the next sync cycle will re-fetch the latest version anyway. Last-write-wins is the correct strategy.

Returns nil if the rebase was successfully continued after resolution. Returns an error if any conflicted file is outside the safe prefixes (the rebase is NOT aborted — caller should abort if needed).

func RunGit ¶

func RunGit(ctx context.Context, repoPath string, args ...string) (string, error)

RunGit executes a git command with context for timeout/cancellation. Output is auto-sanitized to remove credentials. Use repoPath="" for commands that don't need -C.

func SanitizeOutput ¶

func SanitizeOutput(output string) string

SanitizeOutput removes credentials from git command output. Replaces oauth2:TOKEN@ patterns with oauth2:***@ to prevent credential leaks in logs.

func StripLFSConfig ¶

func StripLFSConfig(repoPath string)

StripLFSConfig removes lfs.repositoryformatversion from local git config. This config is set by git-lfs when filter.lfs.required=true is global, but it causes HTTP 403 on push to GitLab when the server-side ALB doesn't expect LFS-aware clients. Safe to call on any repo — no-op if not set.