fix: harden core error handling, blob verification, and force-mode reporting#56
Open
Wenxin-Jiang wants to merge 1 commit intomainfrom
Open
fix: harden core error handling, blob verification, and force-mode reporting#56Wenxin-Jiang wants to merge 1 commit intomainfrom
Wenxin-Jiang wants to merge 1 commit intomainfrom
Conversation
…porting - Propagate real I/O and parse errors from read_manifest instead of silently returning Ok(None), so callers see the actual failure reason - Verify downloaded blob content hash before writing to disk, rejecting corrupted or mismatched data at fetch time - Distinguish all-AlreadyPatched from all-NotFound in --force mode, surfacing an informational message when patch files are skipped Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
Author
|
@claude review once |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Three independent hardening fixes in
socket-patch-core:read_manifesterror propagation (MEDIUM-2): Non-NotFound I/O errors (permissions, disk failures) and JSON parse/validation errors are now propagated asErrinstead of silently mapped toOk(None). Users see the real error ("Permission denied") instead of the misleading "Invalid manifest".download_hashesnow computesgit_sha256on downloaded content and verifies it matches the expected hash before writing to disk. Corrupt downloads are rejected with a "Content hash mismatch" error.--force+ all NotFound reporting (MEDIUM-1):apply_package_patchnow distinguishes all-AlreadyPatched from all-NotFound-skipped. When every file is NotFound under--force, the result is stillsuccess: true(to not break CI) but includes an informational error message: "All patch files were skipped: N not found on disk (--force)".Test plan
cargo check --workspace --all-featurescompilescargo test -p socket-patch-corepasses (255 tests)cargo test -p socket-patch-clipassesapply— should show real permission errorapply --forceagainst a package where all files are missing — should succeed but show skip message🤖 Generated with Claude Code