Dependency policies#190
Draft
ericmj wants to merge 9 commits into
Draft
Conversation
Generates hex_pb_policy.erl from the new policy.proto in specifications. hex_registry gains encode_policy/decode_policy/ build_policy/unpack_policy; hex_repo gains get_policy/2 for fetching /repos/<org>/policies/<name>. Round-trip and HTTP fixture tests cover signed payload verification, repository/name mismatch errors, and the no_verify path.
Policies only exist per-organization, so calling get_policy/2 without repo_organization set was silently falling back to the global path and returning a misleading bad_repo_name. Raise a clear error instead. Extend tests to cover the new error path and the no_verify unpack path.
decode_policy/3 now matches published_at as a shape witness, matching
the pattern that decode_package/3 (releases) and decode_names/2 /
decode_versions/2 (packages) use to detect corrupt or mis-routed
payloads.
get_policy/2 returns {error, missing_repo_organization} when
repo_organization is unset, matching the tagged-tuple error idiom
the rest of the module uses. The embedded English string and the
ad-hoc error/1 raise are dropped.
Mirrors the change in specifications. Field 4 is reserved on the wire. The decode_policy/3 shape witness moves from published_at to visibility (also required). Fixtures and tests updated.
Mirrors the renumbering in specifications. The proto was unreleased so back-compat reservations are dead weight.
The Org binding from the case clause is equivalent to repo_name(Config) inside this branch (repo_name/1 returns repo_organization when set), so use it directly and drop the indirection.
visibility is required by the proto, so the pattern always binds it. Keep only the repository/name checks that match against the verifier inputs.
?CONFIG never sets repo_organization, so removing it was misleading. Use ?CONFIG directly — the absence of the key is what the test exercises.
Mention the {error, missing_repo_organization} return so the doc covers
both the success and absence-of-config cases.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.