Skip to content

allow sha256 only builds#2651

Merged
Sebastian Thiel (Byron) merged 6 commits into
mainfrom
allow-sha256-only-builds
Jun 18, 2026
Merged

allow sha256 only builds#2651
Sebastian Thiel (Byron) merged 6 commits into
mainfrom
allow-sha256-only-builds

Conversation

@Byron

@Byron Sebastian Thiel (Byron) commented Jun 18, 2026

Copy link
Copy Markdown
Member

Fixed up version of #2627.

Tasks

  • refackiew changes addressing the review comments.

Adrian Ratiu (10ne1) and others added 4 commits June 18, 2026 13:37
Three call sites in gix/src/config referenced gix_hash::Kind::Sha1
unconditionally, which fails to compile when the Sha1 variant is
feature-gated out of gix_hash::Kind.

Replace the hardcoded Kind::Sha1 with the Default impl which is
feature-aware (sha1 when available, otherwise sha256), so this
preserves Sha1 as the default for normal builds while also letting
sha256-only builds compile.

For the core.rs Abbrev validator use Kind::longest() which accepts
the widest range of valid lenghts. This only enfources a shape bound,
the authoritative repo-hash check happens elsewhere (see comment).

Add a Justfile check to verify the gix build.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
A missing extensions.objectFormat means legacy Sha1.

In sha256-only builds, Kind::default() is Sha256, so such repos
were silently mislabeled as Sha256.

Resolve the implicit case to Sha1 when supported, else error
out to avoid any mislabeling.

Also reject extensions.objectFormat when repositoryFormatVersion is 0,
matching git, which treats it as an invalid v1-only extension.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Add fixtures with sha1 and sha256 variants and an open() test asserting
that a version-0 repository setting extensions.objectFormat is rejected.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
legacy_object_hash() has a feature-gated split: it returns Sha1 when the
build supports it and an error otherwise. Add a unit test asserting the
branch for the current build, and run the gix lib tests under
--no-default-features --features sha256 so the error path is actually
exercised in CI.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enables gix to compile (and partially test) in --no-default-features --features sha256 configurations by removing unconditional SHA-1 assumptions in configuration parsing/validation, and by aligning repository-format/object-format handling with git’s behavior.

Changes:

  • Add CI-like just checks/tests to cover sha256-only compilation and unit tests.
  • Teach config parsing to (a) reject extensions.objectFormat on repository format v0, and (b) avoid unconditional Kind::Sha1 usage so sha256-only builds compile.
  • Add fixtures + an integration test asserting extensions.objectFormat is rejected on v0 repositories (matching git).

Reviewed changes

Copilot reviewed 6 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
justfile Adds cargo check for sha256-only builds and runs gix unit tests with --no-default-features --features sha256.
gix/tests/gix/repository/open.rs Adds an integration test ensuring extensions.objectFormat is rejected when core.repositoryFormatVersion=0.
gix/tests/fixtures/make_config_repos.sh Adds fixture repositories with repositoryFormatVersion=0 and extensions.objectFormat set.
gix/src/config/tree/sections/core.rs Makes core.abbrev validation hash-kind-agnostic by using Kind::longest() for the trait-level validator.
gix/src/config/mod.rs Introduces a dedicated ObjectFormatRequiresV1 config error variant/message.
gix/src/config/cache/incubate.rs Implements repo-format-aware object hash selection and adds sha1-gated legacy default handling for sha256-only builds.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread gix/src/config/cache/incubate.rs Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9f1731244c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".

Comment thread gix/src/config/cache/incubate.rs Outdated
Comment thread gix/src/config/cache/incubate.rs Outdated
Co-authored-by: GPT 5.5 <codex@openai.com>
Copilot AI review requested due to automatic review settings June 18, 2026 05:57
@Byron Sebastian Thiel (Byron) marked this pull request as draft June 18, 2026 05:58
auto-merge was automatically disabled June 18, 2026 05:58

Pull request was converted to draft

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 8 changed files in this pull request and generated no new comments.

Codex review noted that default initialization in SHA256-only builds wrote a
v0 repository without extensions.objectFormat, causing gix::init() to fail when
reopening the repository. Default creation options now select Sha256 when SHA1
support is unavailable, so the written repository can be opened by the same
build.

Codex review also noted that repository format versions greater than 1 were
treated as supporting extensions.objectFormat. Opening now rejects unsupported
repository format versions before interpreting extensions, matching Git's
fail-closed behavior.

Co-authored-by: Sebastian Thiel <sebastian.thiel@icloud.com>
@Byron Sebastian Thiel (Byron) marked this pull request as ready for review June 18, 2026 06:58
Copilot AI review requested due to automatic review settings June 18, 2026 06:58

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 9 changed files in this pull request and generated no new comments.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2a5b8d4e04

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".

Comment thread justfile
@Byron Sebastian Thiel (Byron) merged commit f1f8b6f into main Jun 18, 2026
57 of 59 checks passed
@Byron Sebastian Thiel (Byron) deleted the allow-sha256-only-builds branch June 18, 2026 08:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants