Skip to content

fix(gl): sign the CLI's /ipfs/pins reads under the #134 auth gate#146

Open
beardthelion wants to merge 6 commits into
mainfrom
fix/gl-sign-ipfs-pins
Open

fix(gl): sign the CLI's /ipfs/pins reads under the #134 auth gate#146
beardthelion wants to merge 6 commits into
mainfrom
fix/gl-sign-ipfs-pins

Conversation

@beardthelion

@beardthelion beardthelion commented Jul 2, 2026

Copy link
Copy Markdown
Collaborator

PR #134 gates /api/v1/ipfs/pins behind authentication (anonymous callers get 401). Two gl CLI call sites still hit it unsigned, so once #134 ships they break: gl ipfs list returns a hard 401, and the gl node status pins panel silently shows nothing. This signs both reads with the caller's identity through the existing NodeClient::get_signed, so the CLI keeps working under the gate.

Scope is pins-only:

  • gl ipfs list now loads the identity (via --dir, defaulting to the standard keystore) and signs the request. With no identity it fails with the existing gl identity new guidance instead of a raw 401, and it now surfaces a non-2xx response as an error rather than parsing it into an empty list.
  • gl node status loads the identity gracefully and signs only the pins panel, via an injectable fetch_pins helper with four states (pins, empty, unavailable, sign-in-required). The peers, repos, p2p, and events panels stay anonymous, and a pins failure never aborts the dashboard.

/api/v1/arweave/anchors (the other endpoint #134 gates) is never called by the CLI, so it is out of scope.

A note on behavior: the pin listing is visibility-filtered (every repo the caller can read, public plus their own private), not scoped to the caller's own objects. The auth requirement exists to stop anonymous enumeration of the node-wide pin index, so the CLI has to authenticate, but the result is the caller's readable view.

This should land in the same release as #134 so no published build ships the broken CLI.

Tests are mockito-based (no database): signed-header presence, the no-identity and non-2xx error paths, and all four node-status pins states including the transport-error and malformed-body branches. The gl suite passes (236 tests).

Closes the CLI regression noted in the #134 review.

Summary by CodeRabbit

  • Bug Fixes
    • Removed several public-facing features from the service, including repository issues, pull requests, labels, stars, webhooks, tasks, profiles, visibility rules, and peer/anchor endpoints.
    • Simplified authentication and registration flows by removing signature- and token-based request handling paths.
  • Chores
    • Cleaned up repository configuration, templates, documentation, and release/CI automation files.
    • Removed bundled sample environment, contributor, security, and changelog content.

…gate

/api/v1/ipfs/pins now 401s anonymous callers (#134). Load the caller's
identity (--dir, default keystore) and use NodeClient::get_signed; when no
identity exists, propagate load_keypair_from_dir's existing 'gl identity new'
error instead of a raw 401. Tests: signed-headers present, empty, and
no-identity-issues-no-request (mockito).
The pins panel signs its /api/v1/ipfs/pins read (#134 gates it behind auth)
via an injectable fetch_pins helper with four states: pins, empty,
unavailable (signed read rejected/errored), and needs-identity (no keypair,
no request issued). cmd_status loads the identity gracefully so a missing
keystore never aborts status; peers/repos/p2p/events panels stay anonymous.
Tests drive fetch_pins directly against a mock node.
…el label

- gl ipfs list: check the /ipfs/pins response status before parsing, so a
  rejected signed read (e.g. 401) surfaces as an error instead of silently
  printing 'No IPFS pins recorded'. Matches the sibling gl ipfs get.
- gl node status: PinsPanel::Empty now renders 'Pinned CIDs: 0' (a reachable
  node with zero pins), reserving 'unavailable' for the failure state; the
  prior label reused 'IPFS not configured' and misreported the zero-pins case.
- Carry the resolved count in PinsPanel::Pins, removing the duplicated
  count-fallback closure between fetch_pins and the render arm.
Extract the pins-panel render into a testable pins_status_line helper and
assert all four states' output (closes the untested cmd_status render path,
including the empty->'Pinned CIDs: 0' label). Add fetch_pins tests for the
two error branches that were code-traced but unexecuted: a malformed 200
body and a transport error both degrade to Unavailable without panicking.
@beardthelion beardthelion added crate:attest gitlawb-attest — attestation and verification crate:core gitlawb-core — identity, certs, encrypt, DID/UCAN crate:git-remote git-remote-gitlawb — the git remote helper crate:gl gl — the contributor CLI crate:node gitlawb-node — the serving node and REST API kind:bug Defect fix — wrong or unsafe behavior subsystem:attestation Certificates, anchoring, per-ref attestation subsystem:encryption Encrypted subtrees, recipient blinding, key zeroization subsystem:identity DID/UCAN, http-sig auth, push authorization subsystem:peers Peer announce, discovery, and registry subsystem:replication Mirror, replica, and cross-node sync subsystem:storage Blob/object store, Arweave, IPFS, archives subsystem:visibility Path-scoped visibility and content withholding labels Jul 2, 2026
@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 75856e78-c16d-44a5-977c-5b2909863cf3

📥 Commits

Reviewing files that changed from the base of the PR and between ec367bc and 9640c87.

⛔ Files ignored due to path filters (3)
  • Cargo.lock is excluded by !**/*.lock
  • macos-app/Sources/GitlawbNode/Resources/MenuBarIcon.png is excluded by !**/*.png
  • macos-app/Sources/GitlawbNode/Resources/MenuBarIcon@2x.png is excluded by !**/*.png
📒 Files selected for processing (183)
  • .cargo/audit.toml
  • .env.example
  • .github/CODEOWNERS
  • .github/ISSUE_TEMPLATE/bug_report.yml
  • .github/ISSUE_TEMPLATE/config.yml
  • .github/ISSUE_TEMPLATE/feature_request.yml
  • .github/pull_request_template.md
  • .github/workflows/audit-schedule.yml
  • .github/workflows/pr-checks.yml
  • .github/workflows/pr-triage.yml
  • .github/workflows/release.yml
  • .github/workflows/stale.yml
  • .gitignore
  • .release-please-manifest.json
  • CHANGELOG.md
  • CONTRIBUTING.md
  • Cargo.toml
  • Dockerfile
  • Dockerfile.bins
  • LICENSE-APACHE
  • LICENSE-MIT
  • README.md
  • SECURITY.md
  • bootstrap-peers.json
  • crates/git-remote-gitlawb/Cargo.toml
  • crates/git-remote-gitlawb/src/main.rs
  • crates/gitlawb-attest/Cargo.toml
  • crates/gitlawb-attest/src/attestation.rs
  • crates/gitlawb-attest/src/cert.rs
  • crates/gitlawb-attest/src/error.rs
  • crates/gitlawb-attest/src/lib.rs
  • crates/gitlawb-attest/src/verifier.rs
  • crates/gitlawb-attest/tests/canonical_vectors.rs
  • crates/gitlawb-attest/tests/with_gitlawb_core.rs
  • crates/gitlawb-core/Cargo.toml
  • crates/gitlawb-core/src/cert.rs
  • crates/gitlawb-core/src/cid.rs
  • crates/gitlawb-core/src/did.rs
  • crates/gitlawb-core/src/encrypt.rs
  • crates/gitlawb-core/src/error.rs
  • crates/gitlawb-core/src/http_sig.rs
  • crates/gitlawb-core/src/identity.rs
  • crates/gitlawb-core/src/lib.rs
  • crates/gitlawb-core/src/ucan.rs
  • crates/gitlawb-node/Cargo.toml
  • crates/gitlawb-node/src/api/agents.rs
  • crates/gitlawb-node/src/api/arweave.rs
  • crates/gitlawb-node/src/api/bounties.rs
  • crates/gitlawb-node/src/api/certs.rs
  • crates/gitlawb-node/src/api/changelog.rs
  • crates/gitlawb-node/src/api/encrypted.rs
  • crates/gitlawb-node/src/api/events.rs
  • crates/gitlawb-node/src/api/ipfs.rs
  • crates/gitlawb-node/src/api/issues.rs
  • crates/gitlawb-node/src/api/labels.rs
  • crates/gitlawb-node/src/api/mod.rs
  • crates/gitlawb-node/src/api/peers.rs
  • crates/gitlawb-node/src/api/profiles.rs
  • crates/gitlawb-node/src/api/protect.rs
  • crates/gitlawb-node/src/api/pulls.rs
  • crates/gitlawb-node/src/api/register.rs
  • crates/gitlawb-node/src/api/replicas.rs
  • crates/gitlawb-node/src/api/repos.rs
  • crates/gitlawb-node/src/api/resolve.rs
  • crates/gitlawb-node/src/api/stars.rs
  • crates/gitlawb-node/src/api/tasks.rs
  • crates/gitlawb-node/src/api/visibility.rs
  • crates/gitlawb-node/src/api/webhooks.rs
  • crates/gitlawb-node/src/arweave.rs
  • crates/gitlawb-node/src/auth/mod.rs
  • crates/gitlawb-node/src/bootstrap.rs
  • crates/gitlawb-node/src/cert.rs
  • crates/gitlawb-node/src/config.rs
  • crates/gitlawb-node/src/db/mod.rs
  • crates/gitlawb-node/src/encrypted_pin.rs
  • crates/gitlawb-node/src/error.rs
  • crates/gitlawb-node/src/git/issues.rs
  • crates/gitlawb-node/src/git/mod.rs
  • crates/gitlawb-node/src/git/push_delta.rs
  • crates/gitlawb-node/src/git/repo_store.rs
  • crates/gitlawb-node/src/git/smart_http.rs
  • crates/gitlawb-node/src/git/store.rs
  • crates/gitlawb-node/src/git/tigris.rs
  • crates/gitlawb-node/src/git/visibility_pack.rs
  • crates/gitlawb-node/src/graphql/mod.rs
  • crates/gitlawb-node/src/graphql/mutation.rs
  • crates/gitlawb-node/src/graphql/query.rs
  • crates/gitlawb-node/src/graphql/subscription.rs
  • crates/gitlawb-node/src/graphql/types.rs
  • crates/gitlawb-node/src/icaptcha.rs
  • crates/gitlawb-node/src/ipfs_pin.rs
  • crates/gitlawb-node/src/main.rs
  • crates/gitlawb-node/src/metrics.rs
  • crates/gitlawb-node/src/operator.rs
  • crates/gitlawb-node/src/p2p/mod.rs
  • crates/gitlawb-node/src/pinata.rs
  • crates/gitlawb-node/src/rate_limit.rs
  • crates/gitlawb-node/src/server.rs
  • crates/gitlawb-node/src/state.rs
  • crates/gitlawb-node/src/sync.rs
  • crates/gitlawb-node/src/test_support.rs
  • crates/gitlawb-node/src/visibility.rs
  • crates/gitlawb-node/src/webhooks.rs
  • crates/gl/Cargo.toml
  • crates/gl/src/agent.rs
  • crates/gl/src/bounty.rs
  • crates/gl/src/cert.rs
  • crates/gl/src/changelog.rs
  • crates/gl/src/clone.rs
  • crates/gl/src/doctor.rs
  • crates/gl/src/http.rs
  • crates/gl/src/identity.rs
  • crates/gl/src/init.rs
  • crates/gl/src/ipfs_cmd.rs
  • crates/gl/src/issue.rs
  • crates/gl/src/main.rs
  • crates/gl/src/mcp.rs
  • crates/gl/src/mirror.rs
  • crates/gl/src/name.rs
  • crates/gl/src/node.rs
  • crates/gl/src/node_stake.rs
  • crates/gl/src/peer.rs
  • crates/gl/src/pr.rs
  • crates/gl/src/profile.rs
  • crates/gl/src/protect.rs
  • crates/gl/src/quickstart.rs
  • crates/gl/src/register.rs
  • crates/gl/src/repo.rs
  • crates/gl/src/star.rs
  • crates/gl/src/status.rs
  • crates/gl/src/sync.rs
  • crates/gl/src/task.rs
  • crates/gl/src/ucan_cmd.rs
  • crates/gl/src/visibility.rs
  • crates/gl/src/webhook.rs
  • crates/gl/src/whoami.rs
  • docker-compose.yml
  • docs/ECONOMICS.md
  • docs/MAINTAINER-ROADMAP.md
  • docs/OSS-READINESS-AUDIT.md
  • docs/RUN-A-NODE.md
  • infra/README.md
  • infra/aws/.gitignore
  • infra/aws/.terraform.lock.hcl
  • infra/aws/README.md
  • infra/aws/compose.yaml.tftpl
  • infra/aws/main.tf
  • infra/aws/monitoring.tf
  • infra/aws/outputs.tf
  • infra/aws/rds.tf
  • infra/aws/terraform.tfvars.example
  • infra/aws/user-data.sh.tftpl
  • infra/aws/variables.tf
  • infra/aws/versions.tf
  • infra/fly/fly.toml
  • install.ps1
  • install.sh
  • macos-app/.gitignore
  • macos-app/Package.swift
  • macos-app/Sources/GitlawbNode/AppDelegate.swift
  • macos-app/Sources/GitlawbNode/Config.swift
  • macos-app/Sources/GitlawbNode/DockerCompose.swift
  • macos-app/Sources/GitlawbNode/DockerDetector.swift
  • macos-app/Sources/GitlawbNode/Info.plist
  • macos-app/Sources/GitlawbNode/Resources/AppIcon.icns
  • macos-app/Sources/GitlawbNode/Resources/docker-compose.yml
  • macos-app/Sources/GitlawbNode/SettingsWindow.swift
  • macos-app/Sources/GitlawbNode/StatusBarController.swift
  • macos-app/Sources/GitlawbNode/main.swift
  • npm/.gitignore
  • npm/README.md
  • npm/packages/gl-darwin-arm64/package.json
  • npm/packages/gl-darwin-x64/package.json
  • npm/packages/gl-linux-arm64/package.json
  • npm/packages/gl-linux-x64/package.json
  • npm/packages/gl/README.md
  • npm/packages/gl/bin/.gitkeep
  • npm/packages/gl/install.js
  • npm/packages/gl/package.json
  • public/a.txt
  • release-please-config.json
  • scripts/build-bins.sh
  • scripts/build-macos-app.sh
💤 Files with no reviewable changes (81)
  • .github/workflows/pr-checks.yml
  • .github/CODEOWNERS
  • .github/ISSUE_TEMPLATE/config.yml
  • .release-please-manifest.json
  • .github/workflows/pr-triage.yml
  • .github/ISSUE_TEMPLATE/feature_request.yml
  • CONTRIBUTING.md
  • crates/gitlawb-core/src/cid.rs
  • crates/gitlawb-node/src/api/certs.rs
  • Dockerfile.bins
  • crates/git-remote-gitlawb/Cargo.toml
  • bootstrap-peers.json
  • .github/workflows/stale.yml
  • crates/gitlawb-node/src/error.rs
  • crates/gitlawb-attest/tests/with_gitlawb_core.rs
  • crates/gitlawb-node/src/api/repos.rs
  • crates/gitlawb-node/src/git/store.rs
  • LICENSE-MIT
  • CHANGELOG.md
  • crates/gitlawb-node/src/api/stars.rs
  • crates/gitlawb-attest/src/error.rs
  • .github/workflows/audit-schedule.yml
  • .github/pull_request_template.md
  • .cargo/audit.toml
  • crates/gitlawb-core/Cargo.toml
  • crates/gitlawb-core/src/lib.rs
  • crates/gitlawb-node/src/api/profiles.rs
  • LICENSE-APACHE
  • crates/gitlawb-core/src/encrypt.rs
  • Cargo.toml
  • crates/gitlawb-node/src/api/labels.rs
  • Dockerfile
  • crates/gitlawb-node/src/encrypted_pin.rs
  • crates/gitlawb-attest/tests/canonical_vectors.rs
  • crates/gitlawb-attest/Cargo.toml
  • .env.example
  • crates/gitlawb-node/src/api/encrypted.rs
  • .gitignore
  • crates/gitlawb-node/src/api/tasks.rs
  • crates/gitlawb-node/src/api/issues.rs
  • crates/gitlawb-core/src/identity.rs
  • crates/gitlawb-node/src/git/repo_store.rs
  • crates/gitlawb-node/src/git/mod.rs
  • crates/gitlawb-node/src/git/issues.rs
  • crates/gitlawb-attest/src/cert.rs
  • crates/gitlawb-node/src/api/webhooks.rs
  • crates/gitlawb-core/src/ucan.rs
  • SECURITY.md
  • crates/gitlawb-node/Cargo.toml
  • crates/gitlawb-core/src/error.rs
  • crates/gitlawb-node/src/api/bounties.rs
  • crates/gitlawb-node/src/arweave.rs
  • README.md
  • crates/gitlawb-node/src/api/events.rs
  • crates/gitlawb-node/src/auth/mod.rs
  • crates/gitlawb-node/src/api/arweave.rs
  • crates/gitlawb-node/src/api/resolve.rs
  • crates/gitlawb-core/src/cert.rs
  • crates/gitlawb-node/src/api/peers.rs
  • .github/ISSUE_TEMPLATE/bug_report.yml
  • crates/gitlawb-node/src/cert.rs
  • crates/gitlawb-attest/src/lib.rs
  • crates/gitlawb-node/src/api/protect.rs
  • crates/gitlawb-node/src/config.rs
  • crates/gitlawb-node/src/bootstrap.rs
  • crates/gitlawb-node/src/api/ipfs.rs
  • crates/gitlawb-node/src/api/register.rs
  • crates/gitlawb-node/src/api/mod.rs
  • crates/gitlawb-core/src/did.rs
  • crates/gitlawb-node/src/api/changelog.rs
  • crates/gitlawb-attest/src/attestation.rs
  • crates/gitlawb-node/src/api/agents.rs
  • crates/gitlawb-node/src/git/push_delta.rs
  • crates/gitlawb-core/src/http_sig.rs
  • crates/gitlawb-node/src/api/replicas.rs
  • crates/gitlawb-node/src/git/smart_http.rs
  • crates/gitlawb-node/src/api/pulls.rs
  • crates/gitlawb-attest/src/verifier.rs
  • crates/git-remote-gitlawb/src/main.rs
  • crates/gitlawb-node/src/api/visibility.rs
  • .github/workflows/release.yml

📝 Walkthrough

Walkthrough

This PR deletes nearly the entire repository, removing all Rust crates (gitlawb-core, gitlawb-node, gitlawb-attest, git-remote-gitlawb), CI/CD workflows, GitHub configuration files, issue/PR templates, licenses, documentation, and configuration files, leaving no replacement content.

Changes

Cohort / File(s) Summary
Repository/root config & docs removal
.cargo/audit.toml, .env.example, .gitignore, .release-please-manifest.json, CHANGELOG.md, CONTRIBUTING.md, Cargo.toml, Dockerfile, Dockerfile.bins, LICENSE-APACHE, LICENSE-MIT, README.md, SECURITY.md, bootstrap-peers.json
Removes root-level manifests, license text, documentation, environment templates, ignore rules, and Docker build definitions with no replacement.
GitHub workflows & templates removal
.github/CODEOWNERS, .github/ISSUE_TEMPLATE/*, .github/pull_request_template.md, .github/workflows/*
Deletes all CI/CD automation (PR checks, audits, release, stale, triage) and contributor templates.
gitlawb-attest crate removal
crates/gitlawb-attest/Cargo.toml, crates/gitlawb-attest/src/*, crates/gitlawb-attest/tests/*
Removes the attestation crate entirely, including Attestation, AttestedRefUpdateCert, verifier registry, error types, and tests.
gitlawb-core crate removal
crates/gitlawb-core/Cargo.toml, crates/gitlawb-core/src/*
Removes core primitives: certs, CIDs, DIDs, encryption, HTTP signatures, identity/keypair, UCAN tokens, and error types.
git-remote-gitlawb crate removal
crates/git-remote-gitlawb/Cargo.toml, crates/git-remote-gitlawb/src/main.rs
Removes the git remote-helper binary and its protocol/proxy/signature logic.
gitlawb-node crate removal
crates/gitlawb-node/Cargo.toml, crates/gitlawb-node/src/api/*, crates/gitlawb-node/src/git/*, crates/gitlawb-node/src/arweave.rs, crates/gitlawb-node/src/auth/mod.rs, crates/gitlawb-node/src/bootstrap.rs, crates/gitlawb-node/src/cert.rs, crates/gitlawb-node/src/config.rs, crates/gitlawb-node/src/encrypted_pin.rs, crates/gitlawb-node/src/error.rs
Removes the entire node service: HTTP API handlers (agents, bounties, issues, PRs, tasks, webhooks, visibility, peers, etc.), git storage/smart-HTTP layer, auth middleware, Arweave anchoring, config, and error handling.

Estimated code review effort: 5 (Critical) | ~120 minutes

Possibly related issues

Possibly related PRs

  • Gitlawb/node#87: Deletes the REST authorization layer (src/auth/mod.rs, src/api/mod.rs) that this PR built per-route DID-based authorization on.
  • Gitlawb/node#36: Deletes the encrypted-replication stack (encrypt.rs, encrypted.rs, encrypted_pin.rs, arweave.rs) added by this PR.
  • Gitlawb/node#127: Both touch .github/workflows/release.yml, with this PR deleting what the other refactors.

Suggested labels: kind:security, subsystem:api

Suggested reviewers: jatmn, kevincodex1

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title mentions signing CLI /ipfs/pins reads, but the summarized diff is dominated by broad deletions unrelated to that fix. Retitle it to match the actual change; if this is the auth-gate fix, keep it scoped to pins reads and mention the affected CLI commands.
Description check ⚠️ Warning The description has useful context, but it does not follow the template and is missing required sections like a filled Closes #, kind of change, and verification commands. Add the missing template sections: complete the issue link, choose a kind-of-change checkbox, include concrete changed files, and add reviewer verification steps.
✅ Passed checks (3 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/gl-sign-ipfs-pins
⚔️ Resolve merge conflicts
  • Resolve merge conflict in branch fix/gl-sign-ipfs-pins

Comment @coderabbitai help to get the list of available commands.

@jatmn jatmn left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found an issue that needs to be addressed before this is ready.

Findings

  • [P2] Let gl node status use the same identity directory as the signed pins list
    crates/gl/src/node.rs:22
    This PR adds --dir to gl ipfs list and signs that request with the selected identity, but the other pins caller still has no identity-directory option: gl node status --help only exposes --node, and the implementation always calls load_keypair_from_dir(None). Users who created or selected an identity with --dir can make gl ipfs list --dir ... work, but the status dashboard will still render the pins panel as “sign in to view” because it cannot load that same key. Please add a dir option to NodeCmd::Status and pass it into the pins fetch path so both CLI callers can authenticate consistently.

`gl node status` always loaded the default keystore via
`load_keypair_from_dir(None)`, so a user who created or selected an identity
with `--dir` saw the status pins panel render "sign in to view" even though
`gl ipfs list --dir` authenticated fine. Add a `--dir` option to
`NodeCmd::Status` and thread it into the signed pins fetch, so both CLI pins
callers select the same identity directory.

An explicit `--dir` that can't be loaded (missing, corrupt, or unreadable) no
longer masquerades as "no identity, run `gl identity new`": the pins identity
is resolved up front into Keyed / Anonymous / DirUnusable, and the unusable
explicit-dir case renders a distinct "no usable identity in <dir>" panel line
that names the path, while a missing default keystore (no `--dir`) still
degrades quietly. A pins failure never aborts the dashboard.

Tests cover both flag branches (Some/None) and the resolver both ways: a good
`--dir` loads Keyed, an unusable one reports DirUnusable/IdentityError without
issuing a request. The new symbols were absent before, so they compile-RED
first.
@beardthelion beardthelion force-pushed the fix/gl-sign-ipfs-pins branch from 9640c87 to cf588d0 Compare July 3, 2026 01:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

crate:attest gitlawb-attest — attestation and verification crate:core gitlawb-core — identity, certs, encrypt, DID/UCAN crate:git-remote git-remote-gitlawb — the git remote helper crate:gl gl — the contributor CLI crate:node gitlawb-node — the serving node and REST API kind:bug Defect fix — wrong or unsafe behavior subsystem:attestation Certificates, anchoring, per-ref attestation subsystem:encryption Encrypted subtrees, recipient blinding, key zeroization subsystem:identity DID/UCAN, http-sig auth, push authorization subsystem:peers Peer announce, discovery, and registry subsystem:replication Mirror, replica, and cross-node sync subsystem:storage Blob/object store, Arweave, IPFS, archives subsystem:visibility Path-scoped visibility and content withholding

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants