Skip to content

v3: collision-safe SHA-256 key encoding#21

Merged
jeffwall-curlewlabs merged 0 commit into
mainfrom
v3-collision-safe-encoding
Apr 13, 2026
Merged

v3: collision-safe SHA-256 key encoding#21
jeffwall-curlewlabs merged 0 commit into
mainfrom
v3-collision-safe-encoding

Conversation

@jeffwall-curlewlabs

@jeffwall-curlewlabs jeffwall-curlewlabs commented Apr 13, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Fix key collision bug: distinct keys like a/b and a:b previously sanitized to the same directory name a_b, silently returning wrong cache entries. Keys are now SHA-256 hashed into fixed-length (66-char) directory names, eliminating collisions and NAME_MAX issues with long keys.
  • Fix portability: replaced GNU-only find -maxdepth/-mindepth with POSIX-compatible alternatives; added macOS to the CI test matrix.
  • Extract shared helpers: encode_key, append_summary, and constants moved to lib/cache-common.sh, sourced by both scripts. CI test assertions also source this file so encoding stays in sync automatically.
  • Preserve backward compatibility: existing v2/v1 cache entries are still found via legacy directory-name fallback. Prefix matching now scans entries and reads the stored raw key from a .local-cache-key metadata file, since SHA-256 hashes are not prefix-preserving.

This is a v3 major version because the on-disk cache layout changes. The README, SECURITY.md, and action.yml are updated accordingly, including an "Upgrading from v2" section.

Test plan

  • shellcheck and sh -n pass on all three shell scripts
  • Local smoke tests: collision safety (a/b vs a:b), dot keys (., ..), prefix matching, legacy v2 entry fallback, metadata file exclusion from restore targets
  • CI passes on both ubuntu-latest and macos-latest (matrix added in this PR)

🤖 Generated with Claude Code

@jeffwall-curlewlabs jeffwall-curlewlabs merged this pull request into main Apr 13, 2026
6 checks passed
@jeffwall-curlewlabs jeffwall-curlewlabs deleted the v3-collision-safe-encoding branch April 13, 2026 17:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant