1 files changed, 21 insertions, 0 deletions
diff --git a/src/git/authorization.rs b/src/git/authorization.rs
index 9d53c4f..69a0751 100644
--- a/src/git/authorization.rs
+++ b/src/git/authorization.rs
@@ -661,6 +661,27 @@ pub async fn get_state_authorization_for_specific_owner_repo(
                        .unwrap_or_else(|_| latest_authorized.pubkey.to_hex())
                );
+                // Extend purgatory announcement expiry for the owner.
+                //
+                // Per design doc decision #4: git auth extending a state event's expiry
+                // also extends the announcement's expiry. The repo is actively receiving
+                // git data, so the announcement should not expire prematurely.
+                // This also revives soft-expired announcements (recreates bare repo).
+                if let Ok(owner_pk) = PublicKey::parse(owner_pubkey) {
+                    if purgatory.has_purgatory_announcement(&owner_pk, identifier) {
+                        purgatory.extend_announcement_expiry(
+                            &owner_pk,
+                            identifier,
+                            std::time::Duration::from_secs(1800),
+                        );
+                        debug!(
+                            identifier = %identifier,
+                            owner = %owner_pubkey,
+                            "Extended purgatory announcement expiry due to git push authorization"
+                        );
+                    }
+                }
                return Ok(AuthorizationResult {
                    authorized: true,
                    reason: "Authorized by state event in purgatory".to_string(),

diff --git a/src/git/authorization.rs b/src/git/authorization.rs index 9d53c4f..69a0751 100644 --- a/src/git/authorization.rs +++ b/src/git/authorization.rs
@@ -661,6 +661,27 @@ pub async fn get_state_authorization_for_specific_owner_repo(
661	.unwrap_or_else(\|_\| latest_authorized.pubkey.to_hex())	661	.unwrap_or_else(\|_\| latest_authorized.pubkey.to_hex())
662	);	662	);
663		663
		664	// Extend purgatory announcement expiry for the owner.
		665	//
		666	// Per design doc decision #4: git auth extending a state event's expiry
		667	// also extends the announcement's expiry. The repo is actively receiving
		668	// git data, so the announcement should not expire prematurely.
		669	// This also revives soft-expired announcements (recreates bare repo).
		670	if let Ok(owner_pk) = PublicKey::parse(owner_pubkey) {
		671	if purgatory.has_purgatory_announcement(&owner_pk, identifier) {
		672	purgatory.extend_announcement_expiry(
		673	&owner_pk,
		674	identifier,
		675	std::time::Duration::from_secs(1800),
		676	);
		677	debug!(
		678	identifier = %identifier,
		679	owner = %owner_pubkey,
		680	"Extended purgatory announcement expiry due to git push authorization"
		681	);
		682	}
		683	}
		684
664	return Ok(AuthorizationResult {	685	return Ok(AuthorizationResult {
665	authorized: true,	686	authorized: true,
666	reason: "Authorized by state event in purgatory".to_string(),	687	reason: "Authorized by state event in purgatory".to_string(),