Conversation
Byron
force-pushed
the
gix-error
branch
2 times, most recently
from
07cbdfc to
1632f78
Compare
Byron
force-pushed
the
gix-error
branch
16 times, most recently
from
1427ae2 to
bfaba3f
Compare
Byron
force-pushed
the
gix-error
branch
2 times, most recently
from
8bb2abc to
ec904dc
Compare
There was a problem hiding this comment.
Pull request overview
This PR migrates 11 plumbing crates from thiserror to gix-error, implementing the project's error handling standardization strategy. The migration replaces enum-based error types with gix_error::Exn and uses message-based error construction for better composability and reduced boilerplate.
Changes:
- Replaces
thiserrorenums withgix_error::Exn<gix_error::Message>orgix_error::ValidationError - Updates error construction to use
message!()andraise()patterns - Adjusts downstream crates to handle new error types via
.into_error()conversions - Replaces deprecated
#[allow(missing_docs)]with#[expect(missing_docs)]throughout
Reviewed changes
Copilot reviewed 299 out of 349 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| gix-bitmap/src/ewah.rs | Converts EWAH decode error from thiserror enum to gix-error ValidationError |
| gix-quote/src/ansi_c.rs | Replaces ansi_c undo error enum with Exn |
| gix-mailmap/src/parse.rs | Converts mailmap parse errors to ValidationError |
| gix-fs/src/stack.rs | Updates path component error to ValidationError |
| gix-lock/src/acquire.rs | Migrates lock acquisition errors to Exn |
| gix-path/src/relative_path.rs | Converts RelativePath error to Exn |
| gix-path/src/realpath.rs | Replaces realpath error enum with Exn |
| gix-packetline/* | Converts encode/decode errors to gix-error types |
| gix-attributes/src/parse.rs | Migrates attribute parse errors to Exn |
| gix-url/src/expand_path.rs | Converts expand_path error to Exn |
| gix-hash/src/* | Replaces all hash-related errors with gix-error types |
| gix-features/src/zlib/* | Converts compression/decompression errors to Exn |
| gix/* | Updates downstream consumers to handle new error types |
gix-url/tests/url/parse/file.rs
Outdated
| assert!( | ||
| err.to_string().contains("does not specify a path to a repository"), |
There was a problem hiding this comment.
The error message assertion uses contains() which is fragile - it could break if the error message wording changes. Consider using a more specific error type check or pattern matching instead of string comparison.
| assert!( | |
| err.to_string().contains("does not specify a path to a repository"), | |
| assert_eq!( | |
| "does not specify a path to a repository", | |
| err.to_string(), |
gix-hash/src/hasher.rs
Outdated
| CollisionResult::Collision(digest) => Err(gix_error::message!( | ||
| "Detected SHA-1 collision attack with digest {}", | ||
| crate::ObjectId::Sha1(digest.into()) | ||
| )), |
There was a problem hiding this comment.
The error message exposes the full digest of a collision attack. Consider whether this information should be included in user-facing error messages, as it might aid attackers in understanding detection mechanisms.
| CollisionResult::Collision(digest) => Err(gix_error::message!( | |
| "Detected SHA-1 collision attack with digest {}", | |
| crate::ObjectId::Sha1(digest.into()) | |
| )), | |
| CollisionResult::Collision(_digest) => Err(gix_error::message( | |
| "Detected SHA-1 collision attack" | |
| )), |
There was a problem hiding this comment.
This Copilot code review suggestion makes no sense.
- SHA-1 collision detection mechanisms are not secret.
- If such a mechanism were secret, it would most likely be inadequately studied, unsafe for use, and ineffective.
- We detect the same collisions Git detects; if we didn't, that would violate users' security and compatibility assumptions.
- Gitoxide is free open source software.
- Gitoxide may be used in closed source software, but the library code that detects collisions is still free open soruce software.
- Attackers don't need help finding out which of the collisions that they have themselves produced are being detected. They already know.
- If somehow they didn't already know, they can attempt one collision at a time to find out.
- Omitting this information would directly prevent victims of an attack from knowing essential information that is already available to attackers.
There was a problem hiding this comment.
I didn't even read them yet, as I am working my way through this manually anyway. But it's interesting to see what it makes up sometimes.
gix-object/benches/edit_tree.rs
Outdated
| tree.write_to(&mut buf) | ||
| .or_raise(|| gix_error::message("write tree to buffer"))?; |
There was a problem hiding this comment.
In benchmark code, adding error context via or_raise could impact performance measurements. Consider using direct error propagation with ? to minimize overhead in performance-critical paths.
| let msg = err.to_string(); | ||
| assert!( | ||
| msg.starts_with(expected.as_ref()), | ||
| "Expected error starting with '{}', got '{msg}'", | ||
| expected.as_ref() | ||
| ); |
There was a problem hiding this comment.
The test helper now uses starts_with() instead of exact equality, which is more flexible but may hide issues where error messages have changed completely. Consider documenting why prefix matching is sufficient for these tests.
gix/examples/clone.rs
Outdated
| let url = gix::url::parse(repo_url.to_str().unwrap().into()).map_err(gix_error::Exn::into_error)?; | ||
|
|
||
| println!("Url: {:?}", url.to_bstring()); |
There was a problem hiding this comment.
Line 19 parses the URL and converts to error, but line 22 passes the raw repo_url string to prepare_clone. The parsed URL is only used for printing, making the parse operation redundant. Consider removing the redundant parse or using the parsed URL if possible.
| let url = gix::url::parse(repo_url.to_str().unwrap().into()).map_err(gix_error::Exn::into_error)?; | |
| println!("Url: {:?}", url.to_bstring()); |
This allows to more conveniently create validation errors.
Replace the thiserror-derived `ewah::decode::Error` enum with `gix_error::Exn<gix_error::ValidationError>`, using `ok_or_raise()` for Option-based error creation. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Replace the thiserror-derived `ansi_c::undo::Error` enum with `gix_error::Exn<gix_error::ValidationError>`, converting the `Error::new()` factory and variant constructors to `message!()` calls. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Replace the thiserror-derived `parse::Error` enum with `gix_error::Exn<gix_error::ValidationError>`. Tests converted from variant pattern matching to string-based assertions. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Replace the thiserror-derived `to_normal_path_components::Error` enum with `gix_error::Exn<gix_error::Message>`. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Replace the thiserror-derived `acquire::Error` enum with `gix_error::Exn<gix_error::Message>`. The manually-implemented `commit::Error<T>` is unchanged. Also fix gix-testtools for the new error type. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
Replace the thiserror-derived `relative_path::Error` and `realpath::Error` enums with `gix_error::Exn<gix_error::Message>`. Also fix downstream gix-ref for the changed error type. Co-Authored-By: Sebastian Thiel <sebastian.thiel@icloud.com> Co-authored-by: chatgpt-codex-connector[bot] <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
2 participants
Tasks