~sircmpwn/sr.ht-dev

hg.sr.ht: Archive to temp directory with fixed filename v1 APPLIED

Nolan Prescott <mail@nprescott.com>
2 years ago 
Nolan Prescott: 1
 Archive to temp directory with fixed filename

 1 files changed, 10 insertions(+), 13 deletions(-)
Ludovic Chabant <ludovic@chabant.com>
2 years ago 
LGTM, merged.
Thanks a lot!
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git: 

curl -s https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/15870/mbox | git am -3
Learn more about email & git
Reply to thread View this thread in the archives

[PATCH hg.sr.ht] Archive to temp directory with fixed filename Export this patch

Nolan Prescott <mail@nprescott.com>
2 years ago 
Previously, the archive was generated at a randomized temporary path
before being sent to the client under a fixed name corresponding to
`repo.name + "-" + rev_escaped`

The temporary filename caused the archive checksums to vary between
downloads, despite the otherwise unchanged archive contents. If
instead the archive is created in a randomized _directory_ with a
fixed filename the generated archive checksum should not vary.

Intended to address: todo.sr.ht/~sircmpwn/hg.sr.ht/33

Tested it like this to validate assumption about randomized path:

```shell
cd /tmp/example; hg init
echo "hi" > example.txt
hg add . ; hg commit -m "init"
```

```python
import hglib

client = hglib.open('/tmp/example)

client.archive('/tmp/foo/test.tgz', rev='0', prefix='example', type='tgz')

# shouldn't match anything due to different filenames
client.archive('/tmp/foo-test.tgz', rev='0', prefix='example', type='tgz')
client.archive('/tmp/bar-test.tgz', rev='0', prefix='example', type='tgz')

# should match same-name tarfile despite different path
client.archive('/tmp/bar/test.tgz', rev='0', prefix='example', type='tgz')
```

```shell
sha256 /tmp/foo/test.tgz /tmp/bar/test.tgz /tmp/foo-test.tgz /tmp/bar-test.tgz

SHA256 (/tmp/foo/test.tgz) = 5d3737fd5eda095de926439a8ae368c1f49f1247f10234a9cef77cef6bfa7e0c
SHA256 (/tmp/bar/test.tgz) = 5d3737fd5eda095de926439a8ae368c1f49f1247f10234a9cef77cef6bfa7e0c
SHA256 (/tmp/foo-test.tgz) = 957a1b8ef320d54c1792267281abe5a57e6d18f47482c06f7f1c50b6a537cd7a
SHA256 (/tmp/bar-test.tgz) = 225774119025f316c676da0b8766da597830a3b8dfe6a63970abfae94ab44eee
```

diff --git a/hgsrht/blueprints/repo.py b/hgsrht/blueprints/repo.py
--- a/hgsrht/blueprints/repo.py
+++ b/hgsrht/blueprints/repo.py
@@ -1,4 +1,4 @@
import binascii
import tempfile
import hashlib
import io
import json
@@ -644,22 +644,19 @@

        rev = commit.display_name
        rev_escaped = rev.replace('/', '_')
        path = f"/tmp/{rev_escaped}{binascii.hexlify(os.urandom(8))}.tar.gz"
        basename = repo.name + "-" + rev_escaped
        try:
            hg_repo.client.archive(path.encode(),
                    rev=rev,
                    prefix=basename,
                    type="tgz")
        except:

        with tempfile.TemporaryDirectory() as tmpdir:
            path = f"{tmpdir}/{rev_escaped}.tar.gz"
            try:
                os.unlink(path)
                hg_repo.client.archive(path.encode(),
                        rev=rev,
                        prefix=basename,
                        type="tgz")
            except:
                pass
            raise
                raise

        f = open(path, "rb")
        os.unlink(path)
            f = open(path, "rb")

        return send_file(f,
                as_attachment=True,
Drew DeVault <sir@cmpwn.com>
2 years ago 
Cc Ludovic