refactor: repo::create -> create_repo

Taxrosdev · Taxrosdev · commit a57d0523212c · 2025-11-21T21:56:41.000+13:00
Also removes read_manifest_signed, as it's pretty legacy and only used by tests
diff --git a/Cargo.toml b/Cargo.toml
@@ -75,3 +75,4 @@ nursery = "warn"
 
 [profile.release]
 lto = true
+debug = "line-tables-only"
diff --git a/src/chunks/network.rs b/src/chunks/network.rs
@@ -18,6 +18,7 @@ pub async fn install_chunk(
 ) -> Result<()> {
     let chunk_name = get_chunk_filename(&chunk.hash, chunk.permissions);
     let chunk_path = chunk_store_path.join(&chunk_name);
+    let tmp_chunk_path = chunk_store_path.join(format!("{}.tmp", &chunk_name));
 
     if chunk_path.exists() {
         return Ok(());
@@ -30,7 +31,8 @@ pub async fn install_chunk(
     let hash = hash(hash_kind, &body);
 
     if hash == chunk.hash {
-        fs::write(&chunk_path, body)?;
+        fs::write(&tmp_chunk_path, body)?;
+        fs::rename(&tmp_chunk_path, &chunk_path)?;
 
         Ok(())
     } else {
diff --git a/src/commands/repo.rs b/src/commands/repo.rs
@@ -6,7 +6,7 @@ use std::{fs, os::unix::fs::symlink, path::Path};
 use crate::RepoCommands;
 use flintpkg::{
     crypto::signing::sign,
-    repo::{self, read_manifest, remove_package, update_manifest},
+    repo::{create_repo, read_manifest, remove_package, update_manifest},
     utils::resolve_repo,
 };
 
@@ -19,7 +19,7 @@ pub async fn repo_commands(
         RepoCommands::Create { repo_name } => {
             let repo_path = &base_path.join(&repo_name);
 
-            repo::create(repo_path, None)?;
+            create_repo(repo_path, None)?;
             symlink(Path::new("../../chunks"), repo_path.join("chunks"))?;
         }
 
diff --git a/src/repo/manifest_io.rs b/src/repo/manifest_io.rs
@@ -8,9 +8,6 @@ use crate::{
 
 /// Reads a manifest and verifys it from the EXISTING key. This is best for GENERAL reading.
 ///
-/// # Warning
-/// Do NOT run on downloaded manifests before `read_manifest_signed`, or else potentially malicious inputs will be parsed.
-///
 /// # Errors
 ///
 /// - Filesystem errors (Permissions or doesn't exist)
@@ -37,26 +34,6 @@ fn read_manifest_unsigned(repo_path: &Path) -> Result<RepoManifest> {
     Ok(manifest)
 }
 
-/// Reads a manifest and verifys it. This is best for WHEN it has been downloaded.
-///
-/// # Errors
-///
-/// - Filesystem errors (Permissions or doesn't exist)
-/// - Invalid signature
-pub fn read_manifest_signed(repo_path: &Path, public_key_serialized: &str) -> Result<RepoManifest> {
-    let manifest_serialized = fs::read_to_string(repo_path.join("manifest.yml"))?;
-    let manifest_signature_serialized = fs::read(repo_path.join("manifest.yml.sig"))?;
-
-    verify_signature(
-        &manifest_serialized,
-        &manifest_signature_serialized,
-        deserialize_verifying_key(public_key_serialized)?,
-    )?;
-
-    let manifest = serde_yaml::from_str(&manifest_serialized)?;
-    Ok(manifest)
-}
-
 /// Replaces the existing manifest with another one, and verifies that it is correct
 ///
 /// # Errors
@@ -104,7 +81,8 @@ pub fn atomic_replace(base_path: &Path, filename: &str, contents: &[u8]) -> Resu
 #[cfg(test)]
 mod tests {
     use super::*;
-    use crate::{crypto::signing::sign, repo::create};
+    use crate::crypto::signing::sign;
+    use crate::repo::create_repo;
     use temp_dir::TempDir;
 
     #[test]
@@ -126,7 +104,7 @@ mod tests {
     fn test_update_manifest_valid_and_invalid() -> Result<()> {
         let repo = TempDir::new()?;
         let repo_path = repo.path();
-        create(repo_path, Some(repo_path))?;
+        create_repo(repo_path, Some(repo_path))?;
 
         let old_manifest = read_manifest(repo_path)?;
 
@@ -156,10 +134,10 @@ mod tests {
     fn test_read_signed_manifest() -> Result<()> {
         let repo = TempDir::new()?;
         let repo_path = repo.path();
-        create(repo_path, Some(repo_path))?;
+        create_repo(repo_path, Some(repo_path))?;
 
         let manifest = read_manifest(repo_path)?;
-        let manifest_signed = read_manifest_signed(repo_path, &manifest.public_key)?;
+        let manifest_signed = read_manifest(repo_path)?;
 
         assert_eq!(manifest.edition, manifest_signed.edition);
 
diff --git a/src/repo/mod.rs b/src/repo/mod.rs
@@ -20,7 +20,7 @@ use crate::crypto::signing::sign;
 ///
 /// - File permission errors at `repo_path`
 /// - Key generation errors (If you do not already have a key)
-pub fn create(repo_path: &Path, config_path: Option<&Path>) -> Result<()> {
+pub fn create_repo(repo_path: &Path, config_path: Option<&Path>) -> Result<()> {
     if repo_path.join("manifest.yml").exists() {
         bail!("Repository Already exists")
     }
@@ -131,10 +131,7 @@ pub fn get_package(repo_manifest: &RepoManifest, package_id: &str) -> Result<Pac
         }
     }
 
-    bail!(
-        "Could not find package '{}' found in Repository.",
-        package_id
-    );
+    bail!("Could not find package '{package_id}' found in Repository.",);
 }
 
 /// Gets an installed package manifest from a repository.
@@ -224,7 +221,7 @@ mod tests {
         // Create repo
         let repo = TempDir::new()?;
         let repo_path = repo.path();
-        create(repo_path, Some(repo_path))?;
+        create_repo(repo_path, Some(repo_path))?;
 
         // Make sure errors on no package
         assert!(get_package(&read_manifest(repo_path)?, "test").is_err());
@@ -260,7 +257,7 @@ mod tests {
         let repo_path = tmp.path();
 
         // Create repo
-        create(repo_path, Some(repo_path)).unwrap();
+        create_repo(repo_path, Some(repo_path)).unwrap();
 
         // Read unsigned manifest
         let manifest = read_manifest(repo_path).unwrap();
@@ -277,7 +274,7 @@ mod tests {
     fn test_tampered_manifest_fails() -> Result<()> {
         let tmp = TempDir::new()?;
         let repo_path = tmp.path();
-        create(repo_path, Some(repo_path))?;
+        create_repo(repo_path, Some(repo_path))?;
 
         // Tamper with manifest.yml
         let mut contents = fs::read_to_string(repo_path.join("manifest.yml"))?;
diff --git a/src/run/mod.rs b/src/run/mod.rs
@@ -113,7 +113,7 @@ pub async fn install_package(
 mod tests {
     use super::*;
     use crate::chunks::save_tree;
-    use crate::repo::{Metadata, PackageManifest, create, insert_package};
+    use crate::repo::{Metadata, PackageManifest, create_repo, insert_package};
     use std::fs;
     use temp_dir::TempDir;
 
@@ -124,7 +124,7 @@ mod tests {
         let chunks_dir = TempDir::new()?;
         let chunks_path = chunks_dir.path();
 
-        create(repo_path, Some(repo_path))?;
+        create_repo(repo_path, Some(repo_path))?;
 
         // Create a temp tree
         let temp_tree = TempDir::new()?;
diff --git a/tests/full_workflow.rs b/tests/full_workflow.rs
@@ -4,7 +4,7 @@ use temp_dir::TempDir;
 
 use flintpkg::{
     build::build,
-    repo::{self, get_installed_package},
+    repo::{create_repo, get_installed_package},
     run::{install_package, start},
 };
 
@@ -16,7 +16,7 @@ async fn full_workflow_test() -> Result<()> {
     let chunks_dir = TempDir::new()?;
     let chunks_path = chunks_dir.path();
 
-    repo::create(repo_path, None)?;
+    create_repo(repo_path, None)?;
 
     let build_manifest_path = Path::new("build_manifest.yml");
     build(build_manifest_path, repo_path, None, chunks_path).await?;

Original file line number	Diff line number	Diff line change
`@@ -75,3 +75,4 @@ nursery = "warn"`
`75`	`75`
`76`	`76`	`[profile.release]`
`77`	`77`	`lto = true`
	`78`	`+debug = "line-tables-only"`