allow sha256 only builds#2651
Merged
Merged
Conversation
Three call sites in gix/src/config referenced gix_hash::Kind::Sha1 unconditionally, which fails to compile when the Sha1 variant is feature-gated out of gix_hash::Kind. Replace the hardcoded Kind::Sha1 with the Default impl which is feature-aware (sha1 when available, otherwise sha256), so this preserves Sha1 as the default for normal builds while also letting sha256-only builds compile. For the core.rs Abbrev validator use Kind::longest() which accepts the widest range of valid lenghts. This only enfources a shape bound, the authoritative repo-hash check happens elsewhere (see comment). Add a Justfile check to verify the gix build. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
A missing extensions.objectFormat means legacy Sha1. In sha256-only builds, Kind::default() is Sha256, so such repos were silently mislabeled as Sha256. Resolve the implicit case to Sha1 when supported, else error out to avoid any mislabeling. Also reject extensions.objectFormat when repositoryFormatVersion is 0, matching git, which treats it as an invalid v1-only extension. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Add fixtures with sha1 and sha256 variants and an open() test asserting that a version-0 repository setting extensions.objectFormat is rejected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
legacy_object_hash() has a feature-gated split: it returns Sha1 when the build supports it and an error otherwise. Add a unit test asserting the branch for the current build, and run the gix lib tests under --no-default-features --features sha256 so the error path is actually exercised in CI. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Sebastian Thiel (Byron)
force-pushed
the
allow-sha256-only-builds
branch
from
9f17312 to
3dc0b0c
Compare
There was a problem hiding this comment.
Pull request overview
This PR enables gix to compile (and partially test) in --no-default-features --features sha256 configurations by removing unconditional SHA-1 assumptions in configuration parsing/validation, and by aligning repository-format/object-format handling with git’s behavior.
Changes:
- Add CI-like
justchecks/tests to cover sha256-only compilation and unit tests. - Teach config parsing to (a) reject
extensions.objectFormaton repository format v0, and (b) avoid unconditionalKind::Sha1usage so sha256-only builds compile. - Add fixtures + an integration test asserting
extensions.objectFormatis rejected on v0 repositories (matching git).
Reviewed changes
Copilot reviewed 6 out of 8 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| justfile | Adds cargo check for sha256-only builds and runs gix unit tests with --no-default-features --features sha256. |
| gix/tests/gix/repository/open.rs | Adds an integration test ensuring extensions.objectFormat is rejected when core.repositoryFormatVersion=0. |
| gix/tests/fixtures/make_config_repos.sh | Adds fixture repositories with repositoryFormatVersion=0 and extensions.objectFormat set. |
| gix/src/config/tree/sections/core.rs | Makes core.abbrev validation hash-kind-agnostic by using Kind::longest() for the trait-level validator. |
| gix/src/config/mod.rs | Introduces a dedicated ObjectFormatRequiresV1 config error variant/message. |
| gix/src/config/cache/incubate.rs | Implements repo-format-aware object hash selection and adds sha1-gated legacy default handling for sha256-only builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9f1731244c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "Codex (@codex) review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".
Sebastian Thiel (Byron)
force-pushed
the
allow-sha256-only-builds
branch
from
3dc0b0c to
c391a12
Compare
auto-merge was automatically disabled
June 18, 2026 05:58
Pull request was converted to draft
Codex review noted that default initialization in SHA256-only builds wrote a v0 repository without extensions.objectFormat, causing gix::init() to fail when reopening the repository. Default creation options now select Sha256 when SHA1 support is unavailable, so the written repository can be opened by the same build. Codex review also noted that repository format versions greater than 1 were treated as supporting extensions.objectFormat. Opening now rejects unsupported repository format versions before interpreting extensions, matching Git's fail-closed behavior. Co-authored-by: Sebastian Thiel <sebastian.thiel@icloud.com>
Sebastian Thiel (Byron)
force-pushed
the
allow-sha256-only-builds
branch
from
b7573d9 to
2a5b8d4
Compare
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2a5b8d4e04
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "Codex (@codex) review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixed up version of #2627.
Tasks