Conversation
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Replace the per-iteration flag soup in (*Commit).Decode with a func-based stateFn loop that mirrors upstream Git's parsing posture. The new state machine encodes "where we are in the buffer" as the function being called rather than as a bag of mutable booleans. Conformance changes vs upstream commit.c: - tree must be the first header, missing tree errors with ErrMalformedCommit (matches the "bogus commit object" check at commit.c:508-510). - Parents are accepted only contiguously after tree; out-of-position parent lines are silently dropped (matches parse_commit_buffer's parent loop exiting at the first non-parent line and read_commit_extra_header_lines filtering parents from extras). - Author and committer are accepted only at their canonical positions (immediately after parents, immediately after author). Out-of-place occurrences are dropped, mirroring parse_commit_date silently returning 0 plus the standard_header_field filter. - Encoding/mergetag/gpgsig/gpgsig-sha256 follow first-wins; duplicate sig/mergetag continuation lines are discarded by a dedicated scanSkipCont state. - Continuation strip uses line[1:] (single space) instead of bytes.TrimLeft, mirroring upstream's `line + 1` at commit.c:1509. - Header/body boundary is the literal "\n" only, matching *line == '\n' at commit.c:1502. Tests: - TestDecodeRequiresTreeFirst covers the four hard-error inputs (missing tree, parent before tree, extra before tree, empty buffer). - TestDecodeFirstOccurrenceWins covers the lenient drop semantics for duplicate tree/author/committer/gpgsig/gpgsig-sha256, parents after author or interleaved with extras, missing committer, encoding between author and committer (drops the misplaced committer), and author at a non-canonical position (drops author and committer). - TestMalformedHeader is back to expecting NoError (lenient parsing of garbage author/committer values). The state machine lives in plumbing/object/commit_scanner.go. Assisted-by: Claude Opus 4.7 <[email protected]> Signed-off-by: Paulo Gomes <[email protected]>
The previous MergeTag field had two issues: 1. It could only represent a single mergetag, whilst upstream support multiple within a single Commit. 2. Did not allow for a byte-to-byte alignment with upstream, due to the above, and its position set by go-git during encoding time. In order to mitigate both issues, it will now be handled as part of ExtraHeaders, which better aligns with upstream. Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Tag verification re-encoded from struct fields, so any non-canonical bytes the signature was computed over (duplicate headers, mutation-only fields like Signature/SignatureSHA256, etc.) were lost from the payload and signatures that were valid in upstream Git failed in go-git. Mirror the approach already used by Commit: retain a reference to the source plumbing.EncodedObject on Decode, add matchesSource() so EncodeWithoutSignature can stream the raw bytes (with the inline trailing PGP block truncated and gpgsig/gpgsig-sha256 headers stripped) when the struct still matches the source. Mutating struct fields still falls back to the struct-encoded payload. Assisted-by: Claude Opus 4.7 <[email protected]> Signed-off-by: Paulo Gomes <[email protected]>
Align Commit.Verify with upstream's parse_buffer_signed_by_header (commit.c:1186) and parse_gpg_output rejection (gpg-interface.c:257-269). The commit scanner now concatenates every gpgsig/gpgsig-sha256 header into a single signature buffer instead of first-wins, and Commit.Verify returns the new ErrMultipleSignatures when that buffer carries more than one armored block. Assisted-by: Claude Opus 4.7 <[email protected]> Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Signed-off-by: Paulo Gomes <[email protected]>
Member
Author
|
Git Compatibility failure is orthogonal: Will be fixed by #2013. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CommitandTagobjects return their raw bytes (minusgpgsignandgpgsign-sha256headers).CommitandTaginterpretation with upstream: first instance of standard headers wins.MergeTagin favour ofExtraHeaders.git. Note that duplicate signatures were valid back onv2.11, which is why that test is skipped during capability mode.Treeinterpretation with upstream: first wins and unsorted tree is short-circuited.