May 1 came and went. Quonfig is in a state where I can hand it to someone, walk them through a migration from Launch, and watch the whole thing come up clean. That's the headline.
What Moved This Week
Customer dress rehearsals on the migrator. We ran end-to-end migrations of three real customer workspaces as staging dry runs. Most of the week's work on qfg migrate came directly from those passes: a real qfg verify pre-flight before push, clearer push-rejection messages that distinguish a hook reject from a fast-forward conflict, qfg pull --rebase with an actionable divergence message, and a tighter pass on the from-Launch migration guide. The retests on the same three workspaces went green.
Atomic push-conflict detection. Two people editing the same config concurrently no longer lose work to a race. The server enforces an optimistic lock against the workspace HEAD on configs.push, and the CLI ships the expected SHA with every push. Conflicts surface at write time, with a useful error, instead of silently overwriting.
Multi-org CLI auth. If you belong to more than one Quonfig organization, qfg login now mints and stores per-org tokens cleanly, and switching orgs from the dashboard refreshes your session correctly. Long-standing rough edge for anyone with more than one workspace org — gone.
Restore deleted flags and configs from the UI. A tombstone view in the dashboard lists everything that has been deleted; one click brings it back. Because everything is in git, we just read the previous body from the parent commit and re-commit it. The kind of safety net you should never need but always want.
Every SDK now runs a real CI matrix. Node 18/20/22/24, Go 1.22-1.24 with golangci-lint + staticcheck + govulncheck, Python 3.9-3.13 with pip-audit, Ruby 3.2-3.4 with rubocop + bundler-audit + brakeman, and React across Node 20/22/24 x React 18/19. The trust artifacts — LICENSE, SECURITY.md, CONTRIBUTING, CHANGELOG — landed in every SDK repo, every GitHub Action is pinned to a commit SHA, and a couple of upstream CVEs in faraday and cryptography got patched in the same pass.
Pluggable loggers across the SDK matrix. You can now hand your own logger to the SDK in Node, Go, Ruby, and React — Winston/Pino, *slog.Logger, Ruby Logger, or a logger prop on QuonfigProvider. Same shape, same ergonomics. No more parallel log streams.
Persona testing. I have been running scripted personas through real flows — concurrent UI editors, multi-instance fan-out, CLI-and-UI merge conflicts, JSON authoring UX, migration replays. It is the closest I can get to a real customer without one in the room, and the issues it surfaces are the ones a customer would have hit on day one.
Where That Leaves Us
Quonfig is ready for you to try. Migrate a workspace from Launch, point your SDKs at it, edit configs in the dashboard or via qfg push, wire up Slack notifications, generate typesafe clients. The whole loop works.
I would still hold off on putting it in front of real production traffic for another couple of weeks. There are no known blockers — capacity is confirmed, the migrator has been through real customer data, the SDKs are running on hardened CI — I just want a little more time on the persona passes and SDK polish before I would tell anyone "go ahead and turn it on for the prod fleet." Once we cross that line, every SDK ships a 1.0 and we move to proper semver. Until then we are staying on point releases so we can move fast on small fixes.
If you want to kick the tires, this is the week.
-- Jeff
Want to try it?
Quonfig stores your config in git. Feature flags, dynamic config, log levels, and secrets — all as files you own.