vvzvlad/gitmost
1
0
Fork 0
Code Issues 14 Pull Requests 12 Packages Projects Releases Activity

fix(git-sync): branch choreography + strict scoping + delete cap (Phase B hardening)

Browse Source 
Fixes found by the live pull/push e2e:
- CRITICAL: driveCycle never checked out the 'docmost' branch before
  applyPullActions, so Docmost content was written straight onto 'main',
  clobbering local file edits before push could diff them. Now checkout
  'docmost' before pull (applyPullActions commits there then checks out main +
  merges) — mirrors the engine's pull main(). Round-trip now works both ways.
- add an unresolved-merge guard (SPEC §9): skip the cycle if the vault is
  mid-merge instead of failing on checkout.
- SAFETY: enabledSpaces() is now STRICT opt-in — only spaces with
  settings.gitSync.enabled===true; removed the all-spaces fallback that synced
  every space (incl. a 92-page one) the moment GIT_SYNC_ENABLED flipped.
- SAFETY: per-cycle delete cap (GIT_SYNC_MAX_DELETES_PER_CYCLE, default 5):
  dry-run the push, and if planned deletes exceed the cap, run the apply with
  deletePage neutralized — phantom absence-deletions from a non-convergent vault
  can't soft-delete real pages. Fails safe if the dry-run throws.
- fix manual trigger: TriggerGitSyncDto.spaceId needs @IsUUID or the global
  whitelist ValidationPipe strips it (arrived undefined -> vault 'undefined').

Live-verified on an isolated flagged space: push (vault file edit -> Docmost
content, stamped lastUpdatedSource='git-sync') and pull (Docmost rename -> vault
file + meta) both work; an unrelated 92-page space stayed untouched throughout.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
claude code agent 227
2026-06-21 15:37:09 +03:00
parent 901147a224
commit 8201e76c66
5 changed files with 133 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/server/src/integrations/environment/environment.validation.ts
View File

@@ -195,6 +195,13 @@ export class EnvironmentVariables {
@IsString()
GIT_SYNC_DEBOUNCE_MS: string;
// Defense-in-depth absolute cap on soft-deletes per push cycle (default 5): a
// non-convergent / phantom-absence cycle can never trash more than this many
// pages without an explicit override. Optional int (validated as a string env).
@IsOptional()
@IsString()
GIT_SYNC_MAX_DELETES_PER_CYCLE: string;
// Required when git-sync is enabled: the service user create/move/rename/delete
// are attributed to (plan §7.2). Optional otherwise.
@ValidateIf((obj) => obj.GIT_SYNC_ENABLED === 'true')