fix(sync): robust git coupling — non-ASCII paths, config neutralization, runtime git
Address git-integration fragility (output is not parsed for control flow; we rely on exit codes + plumbing — but porcelain BEHAVIOR is config-sensitive, and the runtime image lacked git). - listTrackedFiles: `git -c core.quotepath=false ls-files -z` + NUL split — fixes Cyrillic/UTF-8 vault filenames being returned octal-escaped/quoted - Dockerfile: install git (node:22-slim ships none; the daemon shells out at runtime) - VaultGit env: LC_ALL=C/LANG=C, GIT_PAGER=cat, GIT_TERMINAL_PROMPT=0; keep stripping GIT_DIR/GIT_WORK_TREE (cwd-isolation, §12) - ensureRepo local config: core.autocrlf=false + core.safecrlf=false (protect §11 byte-stability from a global autocrlf=true), commit.gpgsign=false, and core.attributesFile=/dev/null (neutralize a global clean/smudge filter that would rewrite the stored blob); commit uses --no-verify (skip injected hooks) - assertGitAvailable() preflight: clear error if the git binary is missing - tests: Cyrillic listTrackedFiles, LF byte-preservation of the stored blob, local-config neutralization incl. attributesFile (590+ green)
This commit is contained in:
@@ -119,6 +119,9 @@ async function main(): Promise<void> {
|
||||
// 1. Ensure the vault git repo exists with main + an initial commit, and the
|
||||
// engine-only `docmost` branch exists, branched from main.
|
||||
const git = new VaultGit(vaultRoot);
|
||||
// Preflight: fail fast (with an actionable message via main().catch) if the
|
||||
// git binary is missing — the entire vault state store relies on it.
|
||||
await git.assertGitAvailable();
|
||||
await git.ensureRepo();
|
||||
|
||||
// 1b. Refuse to run on top of an unresolved merge (SPEC §9 / §12). A previous
|
||||
|
||||
Reference in New Issue
Block a user