brooktrails/directory-pacifier
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Add content hash implementation for cryptographic commitments #1

Merged
rcsheets merged 1 commit from feat/content-hash into main 2026-04-11 21:45:52 +00:00
Conversation 1 Commits 1 Files changed 4 +387
rcsheets commented 2026-04-11 21:43:59 +00:00
Owner
Copy link

Canonical JSON serialization (sorted keys, no whitespace) + SHA-256,
shared between control loop and RPC server. Handles both operations
and rollout plans. Key-order and whitespace in JSONB parameters and
strategy fields are normalized before hashing so equivalent values
always produce identical hashes.

Co-Authored-By: Claude Opus 4.6 (1M context) noreply@anthropic.com

Canonical JSON serialization (sorted keys, no whitespace) + SHA-256, shared between control loop and RPC server. Handles both operations and rollout plans. Key-order and whitespace in JSONB parameters and strategy fields are normalized before hashing so equivalent values always produce identical hashes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Canonical JSON serialization (sorted keys, no whitespace) + SHA-256,
shared between control loop and RPC server. Handles both operations
and rollout plans. Key-order and whitespace in JSONB parameters and
strategy fields are normalized before hashing so equivalent values
always produce identical hashes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
pr-reviewer-bot commented 2026-04-11 21:44:01 +00:00
Collaborator
Copy link

Automated review by pr-reviewer v0.15.0 | Safety Check | anthropic | tracking id r-dac0a1-28c6be
This is an AI-generated review and may contain mistakes.

Status: Completed

Verdict: LGTM — The Go version number looks like a typo (1.26.2 instead of something like 1.23.2), but otherwise this is a straightforward cryptographic hashing implementation with proper tests.
Complexity: moderate

Safety Check Review

Issues Found

Minor concern: The go.mod file specifies Go version 1.26.2, which appears to be a typo. Current Go versions are in the 1.21-1.23 range as of my last knowledge. This should probably be something like 1.23.2.

No Security Issues

  • No exposed secrets or credentials
  • No obvious injection vulnerabilities
  • Standard cryptographic libraries used (SHA-256)
  • No authentication bypasses

Code Quality

The implementation looks solid:

  • Proper error handling throughout
  • Comprehensive test coverage including edge cases
  • Canonical JSON serialization correctly implemented
  • Dependencies are standard and legitimate (google/uuid)

The high entropy warning for go.sum is expected - these are cryptographic checksums of dependencies, not a security concern.

*Automated review by [pr-reviewer](https://git.brooktrails.org/brooktrails/pr-reviewer) v0.15.0 | Safety Check | anthropic | tracking id `r-dac0a1-28c6be`* *This is an AI-generated review and may contain mistakes.* **Status:** ✅ Completed --- **✅ Verdict: LGTM** — The Go version number looks like a typo (1.26.2 instead of something like 1.23.2), but otherwise this is a straightforward cryptographic hashing implementation with proper tests. **Complexity:** moderate # Safety Check Review ## Issues Found **Minor concern**: The `go.mod` file specifies Go version `1.26.2`, which appears to be a typo. Current Go versions are in the 1.21-1.23 range as of my last knowledge. This should probably be something like `1.23.2`. ## No Security Issues - No exposed secrets or credentials - No obvious injection vulnerabilities - Standard cryptographic libraries used (SHA-256) - No authentication bypasses ## Code Quality The implementation looks solid: - Proper error handling throughout - Comprehensive test coverage including edge cases - Canonical JSON serialization correctly implemented - Dependencies are standard and legitimate (google/uuid) The high entropy warning for `go.sum` is expected - these are cryptographic checksums of dependencies, not a security concern.
rcsheets deleted branch feat/content-hash 2026-04-11 21:45:53 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
brooktrails/directory-pacifier!1
No description provided.