Skip to content

Gpg API#1381

Merged
genedna merged 19 commits into
gitmono-dev:mainfrom
AidCheng:gpg
Aug 27, 2025
Merged

Gpg API#1381
genedna merged 19 commits into
gitmono-dev:mainfrom
AidCheng:gpg

Conversation

@AidCheng

Copy link
Copy Markdown
Contributor

Removed dependency on Sequoia-openpgp
Provided:

  1. Add
  2. List
  3. Delete

AidCheng and others added 17 commits August 23, 2025 00:26
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
…w database still not working

Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: Aid C. <57825561+AidCheng@users.noreply.github.com>
Signed-off-by: Aid C. <57825561+AidCheng@users.noreply.github.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
Signed-off-by: AidCheng <cn.aiden.cheng@gmail.com>
@vercel

vercel Bot commented Aug 26, 2025

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
mega Ready Ready Preview Comment Aug 27, 2025 1:52am

Signed-off-by: Aid C. <57825561+AidCheng@users.noreply.github.com>

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements a GPG key management API by removing the dependency on Sequoia-openpgp and adding functionality for adding, listing, and deleting GPG keys. The implementation includes database migrations, API endpoints, and signature verification capabilities.

  • Added complete GPG key management system with database models and storage layer
  • Implemented API endpoints for adding, listing, and deleting GPG keys
  • Added GPG signature verification for merge requests

Reviewed Changes

Copilot reviewed 42 out of 43 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
orion-server/src/model/builds.rs Removed empty line for formatting
orion-server/src/api.rs Reformatted long method chains for better readability
mono/src/server/http_server.rs Added GPG API tag constant
mono/src/api/mr/mr_router.rs Added MR signature verification endpoint
mono/src/api/gpg/ New GPG module with router, models, and API endpoints
mono/src/api/mod.rs Integrated GPG storage and module
jupiter/src/storage/ Added GPG storage implementation
jupiter/src/migration/ Added GPG key database table migration
jupiter/callisto/src/gpg_key.rs Added GPG key entity model
libra/src/ Formatting improvements and code organization
ceres/src/api_service/mono_api_service.rs Added GPG signature verification logic
config files Updated dependencies and configuration

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Comment on lines +35 to +38
let _ = state
.gpg_stg()
.remove_gpg_key(req.user_id, req.key_id)
.await;

Copilot AI Aug 27, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error from remove_gpg_key is being ignored with let _. This could mask important failures. Consider handling the error appropriately or returning it to the caller.

Suggested change
let _ = state
.gpg_stg()
.remove_gpg_key(req.user_id, req.key_id)
.await;
state
.gpg_stg()
.remove_gpg_key(req.user_id, req.key_id)
.await?;

Copilot uses AI. Check for mistakes.
Comment on lines +55 to +58
let _ = state
.gpg_stg()
.add_gpg_key(req.user_id, req.gpg_content, req.expires_days)
.await;

Copilot AI Aug 27, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error from add_gpg_key is being ignored with let _. This could mask important failures. Consider handling the error appropriately or returning it to the caller.

Suggested change
let _ = state
.gpg_stg()
.add_gpg_key(req.user_id, req.gpg_content, req.expires_days)
.await;
state
.gpg_stg()
.add_gpg_key(req.user_id, req.gpg_content, req.expires_days)
.await?;

Copilot uses AI. Check for mistakes.
Comment on lines +37 to +39
let (pk, _headers) = SignedPublicKey::from_string(&gpg_content)?;
let key_id = format!("{:016X}", pk.key_id());
let fingerprint = format!("{:?}", pk.fingerprint());

Copilot AI Aug 27, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using {:?} for fingerprint formatting may include debug formatting artifacts. Consider using a more appropriate format specifier or method that produces the expected fingerprint format.

Copilot uses AI. Check for mistakes.
Comment on lines +609 to +613
.storage
.user_storage()
.find_user_by_email(&self.extract_email(&content).await.unwrap_or_default())
.await?
.unwrap()

Copilot AI Aug 27, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code will panic if find_user_by_email returns None. The unwrap() after the await? should be replaced with proper error handling that returns an appropriate error instead of panicking.

Suggested change
.storage
.user_storage()
.find_user_by_email(&self.extract_email(&content).await.unwrap_or_default())
.await?
.unwrap()
.ok_or_else(|| MegaError::with_message("User not found for commit email"))?

Copilot uses AI. Check for mistakes.
Comment on lines +620 to +621
async fn extract_email(&self, s: &str) -> Option<String> {
let re = Regex::new(r"<\s*(?P<email>[^<>@\s]+@[^<>@\s]+)\s*>").unwrap();

Copilot AI Aug 27, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Creating a new Regex instance on every call is inefficient. Consider using a static regex or lazy_static to compile the regex once and reuse it.

Copilot uses AI. Check for mistakes.
@genedna
genedna enabled auto-merge August 27, 2025 02:10
@genedna
genedna merged commit 440accf into gitmono-dev:main Aug 27, 2025
21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants