Abstract hash function usage (#28138)

Refactor Hash interfaces and centralize hash function. This will allow easier introduction of different hash function later on. This forms the "no-op" part of the SHA256 enablement patch.
2025-07-22 18:28:37 +00:00 · 2023-12-13 21:02:00 +00:00
parent 064f05204c
commit cbf923e87b
122 changed files with 947 additions and 594 deletions
--- a/routers/private/hook_post_receive.go
+++ b/routers/private/hook_post_receive.go
@@ -159,8 +159,7 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
 		}

 		// If we've pushed a branch (and not deleted it)
-		if newCommitID != git.EmptySHA && refFullName.IsBranch() {
-
+		if git.IsEmptyCommitID(newCommitID) && refFullName.IsBranch() {
 			// First ensure we have the repository loaded, we're allowed pulls requests and we can get the base repo
 			if repo == nil {
 				repo = loadRepository(ctx, ownerName, repoName)
--- a/routers/private/hook_pre_receive.go
+++ b/routers/private/hook_pre_receive.go
@@ -145,8 +145,9 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r

 	repo := ctx.Repo.Repository
 	gitRepo := ctx.Repo.GitRepo
+	objectFormat, _ := gitRepo.GetObjectFormat()

-	if branchName == repo.DefaultBranch && newCommitID == git.EmptySHA {
+	if branchName == repo.DefaultBranch && newCommitID == objectFormat.Empty().String() {
 		log.Warn("Forbidden: Branch: %s is the default branch in %-v and cannot be deleted", branchName, repo)
 		ctx.JSON(http.StatusForbidden, private.Response{
 			UserMsg: fmt.Sprintf("branch %s is the default branch and cannot be deleted", branchName),
@@ -174,7 +175,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
 	// First of all we need to enforce absolutely:
 	//
 	// 1. Detect and prevent deletion of the branch
-	if newCommitID == git.EmptySHA {
+	if newCommitID == objectFormat.Empty().String() {
 		log.Warn("Forbidden: Branch: %s in %-v is protected from deletion", branchName, repo)
 		ctx.JSON(http.StatusForbidden, private.Response{
 			UserMsg: fmt.Sprintf("branch %s is protected from deletion", branchName),
@@ -183,7 +184,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
 	}

 	// 2. Disallow force pushes to protected branches
-	if git.EmptySHA != oldCommitID {
+	if oldCommitID != objectFormat.Empty().String() {
 		output, _, err := git.NewCommand(ctx, "rev-list", "--max-count=1").AddDynamicArguments(oldCommitID, "^"+newCommitID).RunStdString(&git.RunOpts{Dir: repo.RepoPath(), Env: ctx.env})
 		if err != nil {
 			log.Error("Unable to detect force push between: %s and %s in %-v Error: %v", oldCommitID, newCommitID, repo, err)
--- a/routers/private/hook_verification.go
+++ b/routers/private/hook_verification.go
@@ -29,7 +29,8 @@ func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env []
 	}()

 	var command *git.Command
-	if oldCommitID == git.EmptySHA {
+	objectFormat, _ := repo.GetObjectFormat()
+	if oldCommitID == objectFormat.Empty().String() {
 		// When creating a new branch, the oldCommitID is empty, by using "newCommitID --not --all":
 		// List commits that are reachable by following the newCommitID, exclude "all" existing heads/tags commits
 		// So, it only lists the new commits received, doesn't list the commits already present in the receiving repository
@@ -82,7 +83,8 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error {
 		_ = stdoutReader.Close()
 		_ = stdoutWriter.Close()
 	}()
-	hash := git.MustIDFromString(sha)
+	objectFormat, _ := repo.GetObjectFormat()
+	commitID := objectFormat.MustIDFromString(sha)

 	return git.NewCommand(repo.Ctx, "cat-file", "commit").AddDynamicArguments(sha).
 		Run(&git.RunOpts{
@@ -91,7 +93,7 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error {
 			Stdout: stdoutWriter,
 			PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error {
 				_ = stdoutWriter.Close()
-				commit, err := git.CommitFromReader(repo, hash, stdoutReader)
+				commit, err := git.CommitFromReader(repo, commitID, stdoutReader)
 				if err != nil {
 					return err
 				}
--- a/routers/private/hook_verification_test.go
+++ b/routers/private/hook_verification_test.go
@@ -22,14 +22,17 @@ func TestVerifyCommits(t *testing.T) {
 	defer gitRepo.Close()
 	assert.NoError(t, err)

+	objectFormat, err := gitRepo.GetObjectFormat()
+	assert.NoError(t, err)
+
 	testCases := []struct {
 		base, head string
 		verified   bool
 	}{
 		{"72920278f2f999e3005801e5d5b8ab8139d3641c", "d766f2917716d45be24bfa968b8409544941be32", true},
-		{git.EmptySHA, "93eac826f6188f34646cea81bf426aa5ba7d3bfe", true}, // New branch with verified commit
+		{objectFormat.Empty().String(), "93eac826f6188f34646cea81bf426aa5ba7d3bfe", true}, // New branch with verified commit
 		{"9779d17a04f1e2640583d35703c62460b2d86e0a", "72920278f2f999e3005801e5d5b8ab8139d3641c", false},
-		{git.EmptySHA, "9ce3f779ae33f31fce17fac3c512047b75d7498b", false}, // New branch with unverified commit
+		{objectFormat.Empty().String(), "9ce3f779ae33f31fce17fac3c512047b75d7498b", false}, // New branch with unverified commit
 	}

 	for _, tc := range testCases {