From c3dedb7a5b527c3a3deb1e781aba9d562c6eb294 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Mon, 23 Feb 2026 12:54:57 +0000 Subject: feat: extend purgatory announcement expiry during git push authorization Per design doc decision #4: when git auth finds a matching state event in purgatory that authorizes a push, extend the announcement's expiry. The repo is actively receiving git data so the announcement should not expire prematurely. Also triggers revival of soft-expired announcements. --- src/git/authorization.rs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'src') diff --git a/src/git/authorization.rs b/src/git/authorization.rs index 9d53c4f..69a0751 100644 --- a/src/git/authorization.rs +++ b/src/git/authorization.rs @@ -661,6 +661,27 @@ pub async fn get_state_authorization_for_specific_owner_repo( .unwrap_or_else(|_| latest_authorized.pubkey.to_hex()) ); + // Extend purgatory announcement expiry for the owner. + // + // Per design doc decision #4: git auth extending a state event's expiry + // also extends the announcement's expiry. The repo is actively receiving + // git data, so the announcement should not expire prematurely. + // This also revives soft-expired announcements (recreates bare repo). + if let Ok(owner_pk) = PublicKey::parse(owner_pubkey) { + if purgatory.has_purgatory_announcement(&owner_pk, identifier) { + purgatory.extend_announcement_expiry( + &owner_pk, + identifier, + std::time::Duration::from_secs(1800), + ); + debug!( + identifier = %identifier, + owner = %owner_pubkey, + "Extended purgatory announcement expiry due to git push authorization" + ); + } + } + return Ok(AuthorizationResult { authorized: true, reason: "Authorized by state event in purgatory".to_string(), -- cgit v1.2.3