From 33a72aa745ea6b6594bacfb71ea8ff2778f9b748 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Mon, 30 Mar 2026 10:54:31 +0000 Subject: fix(patch): don't error on commit id mismatch for pgp-signed commits MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When applying a patch with a pgp signature, commit_create_buffer + commit_signed reconstructs the signed commit object. The resulting OID matches the original only if commit_create_buffer produces the exact same bytes that git originally signed — which isn't guaranteed across different git implementations or versions. The existing amend workaround (which re-applies author/committer to recover the correct OID) is preserved for unsigned commits. For pgp-signed commits the amend still runs but the mismatch bail is skipped, since the tree, author, committer, message and signature are all correct regardless of the OID difference. --- src/lib/git/mod.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/git/mod.rs b/src/lib/git/mod.rs index c5b5f2e..f9ce043 100644 --- a/src/lib/git/mod.rs +++ b/src/lib/git/mod.rs @@ -740,7 +740,7 @@ impl RepoActions for Repo { .git_repo .commit_signed( commit_buff.as_str().unwrap(), - pgp_sig.unwrap_or(String::new()).as_str(), + pgp_sig.as_deref().unwrap_or(""), None, ) .context("failed to create signed commit")?; @@ -773,7 +773,7 @@ impl RepoActions for Repo { ) .context("failed to amend commit to produce new oid")?; } - if !applied_oid.to_string().eq(commit_id) { + if !applied_oid.to_string().eq(commit_id) && pgp_sig.is_none() { bail!( "when applied the patch commit id ({}) doesn't match the one specified in the event tag ({})", applied_oid, -- cgit v1.2.3