From d9104c2ec2b5784ea44205903dbed19150d077c7 Mon Sep 17 00:00:00 2001 From: tdurieux Date: Wed, 6 May 2026 21:14:53 +0300 Subject: [PATCH] Update commit on branch refresh and validate commit exists on save Refresh button now always updates the commit to the latest SHA instead of preserving the stale one in edit mode. Both create and update routes verify the commit still exists on GitHub before persisting. --- public/partials/anonymize.htm | 3 +++ public/script/app.js | 10 ++++++---- src/server/routes/repository-private.ts | 9 +++++++++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/public/partials/anonymize.htm b/public/partials/anonymize.htm index 5b173db..c593f2b 100644 --- a/public/partials/anonymize.htm +++ b/public/partials/anonymize.htm @@ -102,6 +102,9 @@
The commit SHA is not valid.
+
+ This commit no longer exists in the repository. Click refresh to get the latest. +
diff --git a/public/script/app.js b/public/script/app.js index 4b97128..1ea7d1d 100644 --- a/public/script/app.js +++ b/public/script/app.js @@ -1600,11 +1600,11 @@ angular } const selected = $scope.branches.filter((b) => b.name == $scope.source.branch); if (selected.length > 0) { - // Preserve the saved commit when editing with auto-update off: - // refreshing branches must not silently bump the pinned SHA to - // GitHub HEAD. Same intent as the source.branch watcher (#360), - // extended to cover the branches refresh path. + // When the user explicitly clicks refresh (force=true), always + // update the commit to the latest on the branch. Only preserve + // the saved commit on the initial edit-page load (#360). const keepSavedCommit = + !force && $scope.isUpdate && !$scope.options.update && $scope._originalBranch === $scope.source.branch && @@ -1957,6 +1957,7 @@ angular setValidity("sourceUrl", "missing", true); setValidity("sourceUrl", "access", true); setValidity("sourceUrl", "github", true); + setValidity("commit", "exists", true); setValidity("conference", "activated", true); setValidity("terms", "format", true); $scope.termsRegexWarning = false; @@ -1977,6 +1978,7 @@ angular case "invalid_terms_format": setValidity("terms", "format", false); break; case "repo_not_found": setValidity("sourceUrl", "missing", false); break; case "repo_not_accessible": setValidity("sourceUrl", "access", false); break; + case "commit_not_found": setValidity("commit", "exists", false); break; case "conf_not_activated": setValidity("conference", "activated", false); break; } } diff --git a/src/server/routes/repository-private.ts b/src/server/routes/repository-private.ts index 760ba94..f03f812 100644 --- a/src/server/routes/repository-private.ts +++ b/src/server/routes/repository-private.ts @@ -431,6 +431,11 @@ router.post( httpStatus: 404, }); } + + await repository.getCommitInfo(repoUpdate.source.commit, { + accessToken: user.accessToken, + }); + const removeRepoFromConference = async (conferenceID: string) => { const conf = await ConferenceModel.findOne({ conferenceID, @@ -542,6 +547,10 @@ router.post("/", async (req: express.Request, res: express.Response) => { }); } + await repository.getCommitInfo(repoUpdate.source.commit, { + accessToken: user.accessToken, + }); + const repo = new AnonymizedRepositoryModel(); repo.repoId = repoUpdate.repoId; repo.anonymizeDate = new Date();