Improvements to Git OID Handling — heartwood

With Git 3 on the horizon, which will make SHA-256 object identifiers the default, this patch implements first steps to prepare integration of SHA-256 by means of a clean up around code locations that will be affected.

             thread::sleep(interval);
             let oid = reference(&repo, &nid, &qualified)?;
             if oid != initial {
                 term::info!("{}", oid.unwrap_or(git::raw::Oid::zero().into()));
                 term::info!("{}", oid.unwrap_or(git::Oid::ZERO_SHA1));
                 break;
             }
             if now.elapsed()? >= timeout {

                 w.meta(format!("new file mode {:o}", u32::from(new.mode.clone())))?;
                 w.meta(format!(
                     "index {}..{}",
                     term::format::oid(git::Oid::sha1_zero()),
                     term::format::oid(git::Oid::ZERO_SHA1),
                     term::format::oid(*new.oid),
                 ))?;

                 w.meta(format!(
                     "index {}..{}",
                     term::format::oid(*old.oid),
                     term::format::oid(git::Oid::sha1_zero())
                     term::format::oid(git::Oid::ZERO_SHA1)
                 ))?;
                 w.meta(format!("--- a/{}", path.display()))?;

 pub enum IdError {
     #[error(transparent)]
     Multibase(#[from] multibase::Error),
     #[error("invalid length: expected {expected} bytes, got {actual} bytes")]
     Length { expected: usize, actual: usize },
     #[error("invalid length: expected {} bytes, got {actual} bytes", Oid::LEN_SHA1)]
     Length { actual: usize },
     #[error(fmt = fmt_mismatched_base_encoding)]
     MismatchedBaseEncoding {
         input: String,

     ///
     /// [multibase]: https://github.com/multiformats/multibase?tab=readme-ov-file#multibase-table
     pub fn from_canonical(input: &str) -> Result<Self, IdError> {
         const EXPECTED_LEN: usize = 20;
         let (base, bytes) = multibase::decode(input)?;
         Self::guard_base_encoding(input, base)?;
         let bytes: [u8; EXPECTED_LEN] =
         let bytes: [u8; Oid::LEN_SHA1] =
             bytes.try_into().map_err(|bytes: Vec<u8>| IdError::Length {
                 expected: EXPECTED_LEN,
                 actual: bytes.len(),
             })?;
         Ok(Self(Oid::from_sha1(bytes)))

 #[cfg(feature = "qcheck")]
 impl qcheck::Arbitrary for RepoId {
     fn arbitrary(g: &mut qcheck::Gen) -> Self {
         let bytes = <[u8; 20]>::arbitrary(g);
         let oid = radicle_oid::Oid::from_sha1(bytes);
         RepoId::from(oid)
         RepoId::from(radicle_oid::Oid::arbitrary(g))
     }
 }

             .fold(Applied::default(), |mut ap, update| match update {
                 Update::Direct { name, target, .. } => {
                     let name = name.into_qualified().into_owned();
                     let prev = match self.0.insert(name.clone(), target) {
                         Some(prev) => prev,
                         None => radicle::git::raw::Oid::zero().into(),
                     };
                     let prev = self
                         .0
                         .insert(name.clone(), target)
                         .unwrap_or(radicle::git::Oid::ZERO_SHA1);
                     ap.updated.push(RefUpdate::Updated {
                         name: name.to_ref_string(),
                         old: prev,

         Ok(RefsAt {
             remote: self.nid()?,
             at: Oid::sha1_zero(),
             at: Oid::ZERO_SHA1,
         })
     }

 #[cfg(not(feature = "sha1"))]
 compile_error!("The `sha1` feature is required.");
 const SHA1_DIGEST_LEN: usize = 20;
 #[derive(PartialEq, Eq, Ord, PartialOrd, Clone, Copy)]
 #[non_exhaustive]
 pub enum Oid {
     Sha1([u8; SHA1_DIGEST_LEN]),
     Sha1([u8; Self::LEN_SHA1]),
 }
 /// Conversions to/from SHA-1.

 // for forwards compatibility: What if another hash with digests of the same
 // length becomes popular?
 impl Oid {
     pub fn from_sha1(digest: [u8; SHA1_DIGEST_LEN]) -> Self {
     /// The length of a SHA-1 object identifier in bytes.
     pub const LEN_SHA1: usize = 20;
     /// A SHA-1 object identifier with all digest bytes set to zero.
     /// This is sometimes used as a sentinel value to indicate the absence of
     /// an object.
     /// To compare whether an object identifier is zero, prefer the method
     /// [`Oid::is_zero`] over checking equality with this constant.
     pub const ZERO_SHA1: Self = Self::Sha1([0u8; Self::LEN_SHA1]);
     pub fn from_sha1(digest: [u8; Self::LEN_SHA1]) -> Self {
         Self::Sha1(digest)
     }
     pub fn into_sha1(&self) -> Option<[u8; SHA1_DIGEST_LEN]> {
     pub fn into_sha1(&self) -> Option<[u8; Self::LEN_SHA1]> {
         match self {
             Oid::Sha1(digest) => Some(*digest),
         }
     }
     pub fn sha1_zero() -> Self {
         Self::Sha1([0u8; SHA1_DIGEST_LEN])
     }
 }
 /// Interaction with zero.

 }
 pub mod str {
     use super::{Oid, SHA1_DIGEST_LEN};
     use super::Oid;
     use core::str;
     /// Length of the string representation of a SHA-1 digest in hexadecimal notation.
     pub(super) const SHA1_DIGEST_STR_LEN: usize = SHA1_DIGEST_LEN * 2;
     pub(super) const SHA1_DIGEST_STR_LEN: usize = Oid::LEN_SHA1 * 2;
     impl str::FromStr for Oid {
         type Err = error::ParseOidError;

                 return Err(Len(len));
             }
             let mut bytes = [0u8; SHA1_DIGEST_LEN];
             for i in 0..SHA1_DIGEST_LEN {
             let mut bytes = [0u8; Oid::LEN_SHA1];
             for i in 0..Oid::LEN_SHA1 {
                 bytes[i] = u8::from_str_radix(&s[i * 2..=i * 2 + 1], 16)
                     .map_err(|source| At { index: i, source })?;
             }

                 "0000000000000000000000000000000000000000"
                     .parse::<Oid>()
                     .unwrap(),
                 Oid::sha1_zero()
                 Oid::ZERO_SHA1
             );
         }

         #[test]
         fn zero() {
             assert_eq!(
                 Oid::sha1_zero().to_string(),
                 Oid::ZERO_SHA1.to_string(),
                 "0000000000000000000000000000000000000000"
             );
         }

         fn from(other: Other) -> Self {
             match other {
                 Other::Sha1(digest) => Self::Sha1(digest),
                 _ => panic!("unexpected SHA variant was returned for `gix_hash::ObjectId`"),
                 _ => unimplemented!("conversion from {other:?} into radicle_oid::Oid"),
             }
         }
     }

         fn eq(&self, other: &Other) -> bool {
             match (self, other) {
                 (Oid::Sha1(a), Other::Sha1(b)) => a == b,
                 _ => panic!("unexpected SHA variant was returned for `gix_hash::ObjectId`"),
                 _ => unimplemented!("conversion from {other:?} into radicle_oid::Oid"),
             }
         }
     }

         #[test]
         fn zero() {
             assert!(Oid::sha1_zero() == Other::null(Kind::Sha1));
             assert!(Oid::ZERO_SHA1 == Other::null(Kind::Sha1));
         }
     }
 }

         #[test]
         fn zero() {
             assert!(Oid::sha1_zero() == Other::zero());
             assert!(Oid::ZERO_SHA1 == Other::zero());
         }
     }
 }

         impl Arbitrary for Oid {
             fn arbitrary(g: &mut Gen) -> Self {
                 let slice = [0u8; SHA1_DIGEST_LEN];
                 g.fill(slice);
                 Self::Sha1(slice)
                 Self::Sha1(<[u8; Oid::LEN_SHA1]>::arbitrary(g))
             }
         }
     }

                     type Value = Oid;
                     fn expecting(&self, f: &mut fmt::Formatter) -> fmt::Result {
                         use crate::str::SHA1_DIGEST_STR_LEN;
                         write!(
                             f,
                             "a Git object identifier (SHA-1 digest in hexadecimal notation; {SHA1_DIGEST_STR_LEN} characters; {SHA1_DIGEST_LEN} bytes)"
                             "a Git object identifier (SHA-1 digest in hexadecimal notation; {} characters; {} bytes)",
                             crate::str::SHA1_DIGEST_STR_LEN,
                             Oid::LEN_SHA1
                         )
                     }

         }
         fn json_schema(_: &mut SchemaGenerator) -> Schema {
             use crate::{SHA1_DIGEST_LEN, str::SHA1_DIGEST_STR_LEN};
             use crate::str::SHA1_DIGEST_STR_LEN;
             json_schema!({
                 "description": format!("A Git object identifier (SHA-1 digest in hexadecimal notation; {SHA1_DIGEST_STR_LEN} characters; {SHA1_DIGEST_LEN} bytes)"),
                 "description": format!(
                     "A Git object identifier (SHA-1 digest in hexadecimal notation; {SHA1_DIGEST_STR_LEN} characters; {} bytes)",
                     Oid::LEN_SHA1,
                 ),
                 "type": "string",
                 "maxLength": SHA1_DIGEST_STR_LEN,
                 "minLength": SHA1_DIGEST_STR_LEN,

     use fastrand;
     use localtime::LocalTime;
     use qcheck_macros::quickcheck;
     use radicle::git::raw;
     use radicle::test::arbitrary;
     use crate::wire::Decode as _;

     fn test_ref_remote_limit() {
         let mut refs = BoundedVec::<_, REF_REMOTE_LIMIT>::new();
         let signer = Device::mock();
         let at = raw::Oid::zero().into();
         let at = git::Oid::ZERO_SHA1;
         assert_eq!(refs.capacity(), REF_REMOTE_LIMIT);

     fn prop_refs_announcement_signing(rid: RepoId) {
         let signer = Device::mock_rng(&mut fastrand::Rng::new());
         let timestamp = Timestamp::EPOCH;
         let at = raw::Oid::zero().into();
         let at = git::Oid::ZERO_SHA1;
         let refs = BoundedVec::collect_from(
             &mut [RefsAt {
                 remote: *signer.public_key(),

 use std::convert::TryFrom;
 use std::fmt::Debug;
 use std::mem;
 use std::ops::Deref;
 use std::str::FromStr;
 use std::string::FromUtf8Error;

 use radicle::crypto::{PublicKey, Signature};
 use radicle::git;
 use radicle::git::fmt;
 use radicle::git::raw;
 use radicle::identity::RepoId;
 use radicle::node;
 use radicle::node::Alias;

 #[derive(thiserror::Error, Debug)]
 pub enum Invalid {
     #[error("invalid Git object identifier size: expected {expected}, got {actual}")]
     Oid { expected: usize, actual: usize },
     #[error(
         "invalid Git object identifier size: expected {}, got {actual}",
         git::Oid::LEN_SHA1
     )]
     Oid { actual: usize },
     #[error(transparent)]
     Bounded(#[from] crate::bounded::Error),
     #[error("invalid filter size: {actual}")]

 impl Decode for git::Oid {
     fn decode(buf: &mut impl Buf) -> Result<Self, Error> {
         const LEN_EXPECTED: usize = mem::size_of::<raw::Oid>();
         let len = Size::decode(buf)? as usize;
         if len != LEN_EXPECTED {
             return Err(Invalid::Oid {
                 expected: LEN_EXPECTED,
                 actual: len,
             }
             .into());
         if len != git::Oid::LEN_SHA1 {
             return Err(Invalid::Oid { actual: len }.into());
         }
         let buf: [u8; LEN_EXPECTED] = Decode::decode(buf)?;
         let oid = raw::Oid::from_bytes(&buf).expect("the buffer is exactly the right size");
         let oid = git::Oid::from(oid);
         Ok(oid)
         Ok(git::Oid::Sha1(Decode::decode(buf)?))
     }
 }

     }
     #[quickcheck]
     fn prop_oid(input: [u8; 20]) {
         roundtrip(git::Oid::from_sha1(input));
     fn prop_oid(input: git::Oid) {
         roundtrip(input);
     }
     #[test]

 use thiserror::Error;
 use radicle::{cob, git::raw, identity, storage};
 use radicle::{cob, identity, storage};
 use radicle_fetch as fetch;
 #[derive(Debug, Error)]

                     })
                 })
             })
             .unwrap_or(Ok(git::raw::Oid::zero().into()))?;
             .unwrap_or(Ok(git::Oid::ZERO_SHA1))?;
         let new = row
             .try_read::<Option<&str>, _>("new")?
             .map(|oid| {

                     })
                 })
             })
             .unwrap_or(Ok(git::raw::Oid::zero().into()))?;
             .unwrap_or(Ok(git::Oid::ZERO_SHA1))?;
         let update = RefUpdate::from(RefString::try_from(refstr)?, old, new);
         let (namespace, qualified) = git::parse_ref(refstr)?;
         let timestamp = row.try_read::<i64, _>("timestamp")?;

         let mut buf = String::new();
         for (name, oid) in self.0.iter() {
             debug_assert_ne!(oid, &Oid::sha1_zero());
             debug_assert!(!oid.is_zero());
             debug_assert_ne!(name, &SIGREFS_BRANCH.to_ref_string());
             buf.push_str(&oid.to_string());

     if bool::arbitrary(g) {
         level = Some(FeatureLevel::Parent);
         let parent = Oid::from_sha1(Arbitrary::arbitrary(g));
         let parent = Oid::arbitrary(g);
         refs.insert(SIGREFS_PARENT.to_ref_string(), parent);
     }

         id: *signer.node_id(),
         level: level.unwrap_or_else(|| FeatureLevel::arbitrary(g)),
         parent: Arbitrary::arbitrary(g),
         at: Oid::from_sha1(Arbitrary::arbitrary(g)),
         at: Oid::arbitrary(g),
     }
 }
 impl Arbitrary for Refs {
     fn arbitrary(g: &mut qcheck::Gen) -> Self {
         let mut bytes: [u8; 20] = [0; 20];
         let names = &[
             "heads/master",
             "heads/feature/1",